Cyber Posture

CVE-2026-5435

High

Published: 28 April 2026
Modified: 05 May 2026
KEV Added: not listed
CVSS Score: 7.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
EPSS Score: 0.0004 (13.9th percentile)
Risk Priority: 15 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-5435 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in GNU glibc. Its CVSS base score is 7.3 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). Its EPSS exploit likelihood ranks at the 13.9th percentile (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and RA-5 (Vulnerability Monitoring and Scanning).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190).

What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

prevent (SI-2 Flaw Remediation): directly remediates the out-of-bounds write in the deprecated glibc functions by identifying, prioritizing, and applying vendor-provided patches.

prevent: implements runtime memory protections such as ASLR, DEP, and stack guards that hinder successful exploitation of the out-of-bounds write when TSIG records are printed.

detect (RA-5 Vulnerability Monitoring and Scanning): provides vulnerability scanning to identify systems running glibc versions affected by CVE-2026-5435 for timely remediation.

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (tactic: Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

Why these techniques?

The CVE describes a remotely exploitable, unauthenticated network vulnerability (out-of-bounds write in glibc DNS functions) that can be triggered against affected applications, directly enabling T1190 Exploit Public-Facing Application.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records.

Deeper analysis

CVE-2026-5435 affects the GNU C Library (glibc) versions 2.2 and newer, specifically the deprecated functions ns_printrrf, ns_printrr, and fp_nquery. These functions fail to enforce the caller-supplied buffer length, leading to an out-of-bounds write when printing TSIG records. The vulnerability is classified under CWE-787 (Out-of-bounds Write) and carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L), indicating high severity due to its network accessibility and ease of exploitation.
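To make the defect class concrete, here is an added example (constructed for this page, not glibc's code; the record struct, the sample field strings and the function names are hypothetical). It contrasts a record printer that accepts a buffer length but never consults it with one that enforces the caller-supplied length on every field and reports when the output would not fit.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified record text (constructed; not glibc's TSIG representation). */
struct rr_text { const char *name; const char *type; const char *rdata; };

/* Defect pattern (CWE-787): buflen is accepted but never consulted, so a long
 * record writes past the end of buf. Shown for contrast only; never call it with
 * a buffer smaller than the rendered text. */
int print_rr_unchecked(const struct rr_text *rr, char *buf, size_t buflen)
{
    (void)buflen;
    return sprintf(buf, "%s %s %s", rr->name, rr->type, rr->rdata);
}

/* Append s (plus its NUL) at *cur without passing end. Returns -1 if it would not fit. */
static int append_bounded(char **cur, const char *end, const char *s)
{
    size_t room = (size_t)(end - *cur);   /* bytes left, including the NUL */
    size_t need = strlen(s);
    if (need + 1 > room)
        return -1;                        /* enforce the caller-supplied length */
    memcpy(*cur, s, need + 1);
    *cur += need;
    return 0;
}

/* Hardened form: every field goes through the bounded append. Returns the byte
 * count written (excluding the NUL), or -1 when buflen is too small; on -1 the
 * buffer holds a NUL-terminated prefix and nothing was written past it. */
int print_rr_bounded(const struct rr_text *rr, char *buf, size_t buflen)
{
    if (buflen == 0)
        return -1;
    char *cur = buf, *end = buf + buflen;
    buf[0] = '\0';
    if (append_bounded(&cur, end, rr->name)  < 0 ||
        append_bounded(&cur, end, " ")       < 0 ||
        append_bounded(&cur, end, rr->type)  < 0 ||
        append_bounded(&cur, end, " ")       < 0 ||
        append_bounded(&cur, end, rr->rdata) < 0)
        return -1;
    return (int)(cur - buf);
}
```

The fix the advisory describes amounts to the second shape: the length the caller passes must bound every write, and a too-small buffer must produce an error rather than a truncated-but-overflowing print.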

Unauthenticated remote attackers can exploit this vulnerability over the network with low attack complexity and no user interaction required. Exploitation triggers an out-of-bounds write, potentially allowing limited impacts on confidentiality, integrity, and availability, such as partial data disclosure, modification, or service disruption in affected glibc-dependent applications handling TSIG records.

Mitigation details are available in the referenced advisories, including the glibc-announce mailing list post at https://inbox.sourceware.org/libc-announce/7a655d55-276f-41fe-b550-feb3ebb2ce91@redhat.com/T/#u and the Sourceware Bugzilla entry at https://sourceware.org/bugzilla/show_bug.cgi?id=34033.

Details

CWE(s): CWE-787 (Out-of-bounds Write)

Affected Products: gnu glibc ≥ 2.2

CVEs Like This One

CVE-2026-5450 (same product: GNU glibc)
CVE-2026-5928 (same product: GNU glibc)
CVE-2025-15281 (same product: GNU glibc)
CVE-2026-0915 (same product: GNU glibc)
CVE-2026-0861 (same product: GNU glibc)
CVE-2026-4046 (same product: GNU glibc)
CVE-2026-4437 (same product: GNU glibc)
CVE-2025-13151 (same vendor: GNU)
CVE-2026-32746 (same vendor: GNU)
CVE-2025-1125 (same vendor: GNU)

References

glibc-announce mailing list post: https://inbox.sourceware.org/libc-announce/7a655d55-276f-41fe-b550-feb3ebb2ce91@redhat.com/T/#u
Sourceware Bugzilla entry 34033: https://sourceware.org/bugzilla/show_bug.cgi?id=34033