Vulnerability Details CVE-2026-40468
Integer overflow vulnerability has been found in "builtin.c" program file of gawk. This issue may lead to memory exhaustion on the hosting operating system and could be used to overwrite gawk heap metadata and objects with attacker-controlled bytes. It affects gawk in versions 5.4.0 and below.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 10.1%
CVSS Severity
CVSS v3 Score 9.1
Products affected by CVE-2026-40468
-
-
cpe:2.3:a:fossies:gawk:5.1.1