CVE-2026-57053
GNU libidn Out-of-Bounds Read Vulnerability
Description
GNU libidn before 1.44 is prone to out-of-bounds reads of uninitialized memory in the ToUnicode APIs because of mishandling in idna_to_unicode_internal. The affected code is not present in libidn2.
INFO
Published Date: June 23, 2026, 4:40 p.m.
Last Modified: June 23, 2026, 4:40 p.m.
Remotely Exploitable: No
Source: mitre
CVSS Scores
| Score | Version | Severity | Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|---|
| | CVSS 3.1 | MEDIUM | | | | 8254265b-2729-46b6-b9e3-3dfca2d5bfca |
Solution
- Update GNU libidn to version 1.44 or later.
- Consider migrating to libidn2 if possible.