CVE-2026-0915
Essential information
- Published
- 15/01/2026 22:16
- Modified
- 16/01/2026 18:16
- Author
- —
- Creator
- —
- CISA KEV
- No
- CWE
- —
- CVSS vector
- — — —
Description
Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver.
NVD status
- Status
- Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
- Source
- 3ff69d7a-14f2-4f67-a097-88dee7810d18
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| gnu / glibc | cpe:2.3:a:gnu:glibc:2.0-2.42:*:*:*:*:*:*:* |