CyberRota
← Ana sayfaya dön

CVE-2026-58472

MEDIUM · CVSS 5.9

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-07-07T21:17:28.873 · Çekilme zamanı: 2026-07-08T00:05:56.779517+00:00

CyberRota Yorumu

Bellek tüketimine neden olabilir. Uzaktan istismar edilebilir olabilir.

CVE
CVE-2026-58472
Severity
MEDIUM
CVSS
5.9
EPSS
Yok

Orijinal NVD Açıklaması

GNU Wget through 1.25.0, fixed in commit dd692d9, contains a heap buffer overflow vulnerability in the html_quote_string() function in src/convert.c that allows a remote attacker to trigger memory corruption by supplying a crafted HTML attribute with a large number of characters requiring entity encoding. A server-supplied HTML attribute causes a signed integer counter to overflow during output size accumulation, resulting in an undersized heap allocation and subsequent heap buffer overflow during the copy phase.