COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2026-40468

CVE-2026-40468

Severity
critical
Source
NVD · cve
Published
2026-07-13
CVSS
9.1
Reference
https://nvd.nist.gov/vuln/detail/CVE-2026-40468
shame 35/100

Integer overflow vulnerability has been found in "builtin.c" program file of gawk. This issue may lead to memory exhaustion on the hosting operating system and could be used to overwrite gawk heap metadata and objects with attacker-controlled bytes. It affects gawk in versions 5.

Players implicated

fossies · vendorgawk · product

Description

Integer overflow vulnerability has been found in "builtin.c" program file of gawk. This issue may lead to memory exhaustion on the hosting operating system and could be used to overwrite gawk heap metadata and objects with attacker-controlled bytes. It affects gawk in versions 5.4.0 and below.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.