Cyber Resilience

CVE-2026-0719

High · Updated

Published: 08 January 2026

Modified: 30 June 2026
KEV Added
Patch
CVSS Score v3.1: 8.6 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H)
EPSS Score: 0.0056 (42.2nd percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-0719 is a high-severity stack-based buffer overflow (CWE-121) vulnerability in GNOME (inferred from references). Its CVSS base score is 8.6 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 42.2nd percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-0719 is a stack-based buffer overflow vulnerability (CWE-121) in the NTLM authentication handling of the libsoup HTTP library, which is used by GNOME and other applications for network communication. The flaw arises when processing extremely long passwords, where an internal size calculation overflows due to improper use of signed integers. This leads to incorrect memory allocation on the stack and subsequent unsafe memory copying, potentially causing applications relying on libsoup to crash.

The vulnerability has a CVSS v3.1 base score of 8.6 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H), indicating that it is exploitable over the network with low complexity and requires no privileges or user interaction. A remote unauthenticated attacker can trigger the issue by supplying an extremely long password during NTLM authentication, crashing the application (denial of service), with limited impact on confidentiality and integrity.

Red Hat has addressed the vulnerability through multiple errata, including RHSA-2026:1948, RHSA-2026:2005, RHSA-2026:2006, RHSA-2026:2007, and RHSA-2026:2008, providing patches for affected systems. Security practitioners should review these advisories for details on impacted packages and apply updates promptly to mitigate the risk.
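The failure mode described in this analysis, as an added example that is not libsoup's code: `wrapped_int_size` shows what a signed 32-bit size holds when it is derived by doubling a very large length (the doubling is an assumed stand-in for the library's calculation), and `widen_password_checked` shows a hardened pattern with a length cap, checked `size_t` arithmetic and heap allocation. All names and the 1024-byte cap are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumed policy cap for this sketch; not a libsoup constant. */
#define MAX_PASSWORD_BYTES 1024u

/* Value a signed 32-bit "len * 2" would hold after wrapping. Computed in
 * unsigned 64-bit arithmetic so the demonstration has no undefined behaviour. */
int64_t wrapped_int_size(uint64_t len)
{
    uint64_t low = (len * 2u) & 0xFFFFFFFFu;
    return low >= 0x80000000u ? (int64_t)low - 4294967296LL : (int64_t)low;
}

/* Hardened form: bound the length while measuring it, do the size arithmetic
 * in size_t with an explicit overflow check, and allocate on the heap.
 * Each input byte becomes two output bytes (byte-wise widening, a
 * simplification). Returns 0 on success, -1 if the input is rejected. */
int widen_password_checked(const char *pw, unsigned char **out, size_t *out_len)
{
    size_t len = 0;
    while (pw[len] != '\0') {
        if (++len > MAX_PASSWORD_BYTES)
            return -1;                 /* over the cap: refuse, never truncate */
    }
    if (len > SIZE_MAX / 2)
        return -1;                     /* len * 2 would not fit in size_t */
    size_t need = len * 2;
    unsigned char *buf = calloc(need + 1, 1);
    if (buf == NULL)
        return -1;
    for (size_t i = 0; i < len; i++)
        buf[2 * i] = (unsigned char)pw[i];
    *out = buf;
    *out_len = need;
    return 0;
}

int main(void)
{
    unsigned char *buf = NULL;
    size_t n = 0;
    printf("int size for 1 GiB input: %lld\n", (long long)wrapped_int_size(0x40000000ULL));
    printf("short password accepted: %d\n", widen_password_checked("hunter2", &buf, &n) == 0);
    free(buf);
    return 0;
}
```

A negative or tiny wrapped size is the condition to test for in code review: any stack allocation or copy sized from it no longer matches the real input length.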

EU & UK References

Vulnerability details

A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in incorrect memory allocation on the stack, followed by unsafe memory copying. As a result, applications using libsoup may crash unexpectedly, creating a denial-of-service risk.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques AI

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1499.004 Application or System Exploitation (Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Remote network exploitation of a buffer overflow in an HTTP/NTLM library enables compromise of a public-facing application (T1190) and targeted application DoS via crash (T1499.004).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-29149 (Shared CWE-121)
CVE-2025-70656 (Shared CWE-121)
CVE-2025-71023 (Shared CWE-121)
CVE-2025-70744 (Shared CWE-121)
CVE-2026-29068 (Shared CWE-121)
CVE-2025-70644 (Shared CWE-121)
CVE-2025-29121 (Shared CWE-121)
CVE-2025-15608 (Shared CWE-121)
CVE-2025-70238 (Shared CWE-121)
CVE-2025-65805 (Shared CWE-121)

Affected Assets

GNOME
Inferred from references and description; NVD did not file a CPE for this CVE.

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly mandates timely remediation of identified flaws like the libsoup buffer overflow through patching, as provided in Red Hat errata.

prevent

Implements memory safeguards such as stack canaries and address space randomization to block exploitation of the stack-based buffer overflow from unsafe memory copying.

prevent

Requires validation of inputs like extremely long NTLM passwords to avoid triggering the signed integer overflow in libsoup authentication handling.

References