CVE-2026-40468
Severity CVSS v4.0:
LOW
Type:
CWE-190
Integer Overflow or Wraparound
Publication date:
13/07/2026
Last modified:
13/07/2026
Description
Integer overflow vulnerability has been found in "builtin.c" program file of gawk. This issue may lead to memory exhaustion on the hosting operating system and could be used to overwrite gawk heap metadata and objects with attacker-controlled bytes. It affects gawk in versions 5.4.0 and below.
Impact
Base Score 4.0
2.10
Severity 4.0
LOW



