CVE-2026-4046

Published: Mar 30, 2026 Last Modified: Mar 30, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 7,5

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: none

Integrity: none

Availability: high

Description

AI Translation Available

The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application.

This vulnerability can be trivially mitigated by removing the IBM1390 and IBM1399 character sets from systems that do not need them.

617

Reachable Assertion

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Availability

Potential Impacts:

Dos: Crash, Exit, Or Restart

Applicable Platforms

Languages: C, Java, Not Language-Specific, Rust

View CWE Details

https://sourceware.org/bugzilla/show_bug.cgi?id=33980

https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advi…

https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2026…

CVE-2026-4046

Description

Reachable Assertion

Common Consequences

Applicable Platforms

Iscriviti alla newsletter