Home > Vulnerability Database > CVE-2026-0719

Mend.io Vulnerability Database

CVE-2026-0719

Good to know:

Date: January 8, 2026

A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in incorrect memory allocation on the stack, followed by unsafe memory copying. As a result, applications using libsoup may crash unexpectedly, creating a denial-of-service risk.

Severity Score

8.6

Related Resources (11)

Url: https://access.redhat.com/errata/RHSA-2026:2007

Url: https://access.redhat.com/errata/RHSA-2026:2006

Url: https://access.redhat.com/errata/RHSA-2026:2005

Url: https://access.redhat.com/errata/RHSA-2026:2049

Url: https://access.redhat.com/errata/RHSA-2026:2008

Url: https://access.redhat.com/errata/RHSA-2026:1948

Url: https://gitlab.gnome.org/GNOME/libsoup/-/issues/477

Url: https://access.redhat.com/security/cve/CVE-2026-0719

Url: https://nvd.nist.gov/vuln/detail/CVE-2026-0719

Url: https://bugzilla.redhat.com/show_bug.cgi?id=2427906

Url: https://www.mend.io/vulnerability-database/CVE-2026-0719

Severity Score

8.6

Weakness Type (CWE)

Stack-based Buffer Overflow

CWE-121

CVSS v3.1

Base Score:	8.6
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2026-0719

Good to know:

Date: January 8, 2026

Severity Score

Related Resources (11)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?