QwikSec

Security Database

CVE

CWE

Training

CVE-2026-4046

Published: Mar 30, 2026

Modified: Apr 20, 2026

PUBLISHED

Description

The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and IBM1399 character sets from systems that do not need them.

Vendor	Product	Versions
The GNU C Library	glibc	affected `2.3.3 - <= 2.43`

Weaknesses (CWE)

References

https://sourceware.org/bugzilla/show_bug.cgi?id=33980

issue-tracking

https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2026-0007;hb=HEAD

vendor-advisory

https://inbox.sourceware.org/libc-announce/[email protected]/T/#u

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.