CVE-2026-40469
Heap buffer overflow in gawk
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Integer overflow vulnerability has been found in "builtin.c" program file of gawk (do_sub() routine). This issue could be used to overwrite gawk heap metadata and objects causing the program to crash. It affects 32-bit builds of gawk in versions 5.4.0 and below.
| CWE | CWE-190 |
| Vendor | gnu |
| Product | gawk |
| Published | Jul 13, 2026 |
| Last Updated | Jul 13, 2026 |
Stay Ahead of the Next One
Get instant alerts for gnu gawk
Be the first to know when new unknown vulnerabilities affecting gnu gawk are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
GNU / gawk
0 ≤ 5.4.0
References
Credits
Michał Majchrowicz (AFINE) Marcin Wyczechowski (AFINE)