CVE-2026-0719
Published: 08 January 2026
Summary
CVE-2026-0719 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Gnome (inferred from references). Its CVSS base score is 8.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); it is ranked at the 42.2nd percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2026-0719 is a stack-based buffer overflow vulnerability (CWE-121) in the NTLM authentication handling of the libsoup HTTP library, which is used by GNOME and other applications for network communication. The flaw arises when processing extremely long passwords, where an internal size calculation overflows due to improper use of signed integers. This leads to incorrect memory allocation on the stack and subsequent unsafe memory copying, potentially causing applications relying on libsoup to crash.
The vulnerability has a CVSS v3.1 base score of 8.6 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H), indicating it is exploitable over the network with low complexity, no privileges or user interaction required. A remote unauthenticated attacker can trigger the issue by supplying an extremely long password during NTLM authentication, resulting in application crashes for denial-of-service, along with limited impacts on confidentiality and integrity.
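The analysis above describes the bug class rather than the exact libsoup code, so the following is an added illustration (not libsoup's or GNOME's code) of how a signed-integer size calculation for an NTLM password can wrap negative, slip past a naive length check, and how a defensive rewrite closes the gap. The buffer size `PW_BUF_BYTES`, the ASCII-to-UTF-16LE widening and the function names are all constructed for this example.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed bound for this illustration: bytes of UTF-16 password that a
 * fixed stack buffer can hold. Not libsoup's real limit. */
#define PW_BUF_BYTES 256u

/* Bug-class pattern: the byte count of a UTF-16 password (two bytes per
 * character) is held in a signed int. For a very long password the doubled
 * value no longer fits and the sign flips. The multiply is done in unsigned
 * arithmetic and converted back so the wrap is deterministic here rather
 * than undefined behaviour; the value is what a signed computation yields
 * on a two's-complement target. */
int utf16_bytes_signed(size_t password_chars)
{
    int chars = (int)password_chars;
    unsigned bytes = (unsigned)chars * 2u;
    return (int)bytes;                 /* negative once chars > INT_MAX / 2 */
}

/* The length check such code typically pairs with the computation above.
 * A negative size compares "smaller" than the buffer and is not rejected;
 * the memcpy that follows would then receive that negative value converted
 * to a huge size_t. Returns true when the check correctly rejects. */
bool naive_check_rejects(int bytes, size_t buf_bytes)
{
    return bytes > (int)buf_bytes;
}

/* Hardened form: size_t throughout, the wrap ruled out before the multiply,
 * and the result bounded by the destination size. Returns false when the
 * password must be rejected. */
bool utf16_bytes_checked(size_t password_chars, size_t buf_bytes, size_t *out_bytes)
{
    if (password_chars > SIZE_MAX / 2)     /* doubling would wrap */
        return false;
    size_t bytes = password_chars * 2;
    if (bytes > buf_bytes)                 /* would not fit the fixed buffer */
        return false;
    *out_bytes = bytes;
    return true;
}

/* Convenience predicate over the checked computation. */
bool password_fits(size_t password_chars, size_t buf_bytes)
{
    size_t unused;
    return utf16_bytes_checked(password_chars, buf_bytes, &unused);
}

/* Copy into a fixed stack buffer only after the checked computation.
 * Widening is a naive ASCII -> UTF-16LE for the illustration.
 * Returns the number of bytes written, or 0 when the password is rejected. */
size_t copy_password_utf16le(const char *ascii)
{
    unsigned char buf[PW_BUF_BYTES];
    size_t chars = strlen(ascii);
    size_t bytes;
    if (!utf16_bytes_checked(chars, sizeof buf, &bytes))
        return 0;
    for (size_t i = 0; i < chars; i++) {
        buf[2 * i] = (unsigned char)ascii[i];
        buf[2 * i + 1] = 0;
    }
    return bytes;
}

/* Constructed sample: a 200-character password, longer than the 128
 * characters the buffer can hold, must be rejected before any copy. */
size_t demo_long_password_rejected(void)
{
    char longpw[201];
    memset(longpw, 'a', 200);
    longpw[200] = '\0';
    return copy_password_utf16le(longpw);
}
```

The defensive points are the ones the advisory's mitigations name: keep sizes unsigned and check for wrap before multiplying (input validation), bound the result by the destination before any copy, and treat stack protections such as canaries as a second line rather than the fix.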
Red Hat has addressed the vulnerability through multiple errata, including RHSA-2026:1948, RHSA-2026:2005, RHSA-2026:2006, RHSA-2026:2007, and RHSA-2026:2008, providing patches for affected systems. Security practitioners should review these advisories for details on impacted packages and apply updates promptly to mitigate the risk.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-1573
Vulnerability details
A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in incorrect memory allocation on the stack, followed by unsafe memory copying. As a result, applications using libsoup may crash unexpectedly, creating a denial-of-service risk.
- CWE(s): CWE-121 (Stack-based Buffer Overflow)
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Remote network exploitation of a buffer overflow in an HTTP/NTLM library enables compromise of public-facing applications (T1190) and targeted denial of service by crashing the application (T1499.004).
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): directly mandates timely remediation of identified flaws like the libsoup buffer overflow through patching, as provided in the Red Hat errata.
- SI-16 (Memory Protection): implements memory safeguards such as stack canaries and address space randomization to block exploitation of the stack-based buffer overflow from unsafe memory copying.
- SI-10 (Information Input Validation): requires validation of inputs like extremely long NTLM passwords to avoid triggering the signed integer overflow in libsoup authentication handling.