PT-2026-57814 · Gawk · Gawk

Marcin Wyczechowski

+1

·

Published

2026-07-13

·

Updated

2026-07-13

·

CVE-2026-40469

CVSS v3.1

9.1

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions gawk versions 5.4.0 and earlier (32-bit builds)
Description An integer overflow exists in the do sub() routine within the builtin.c file. This flaw allows for the overwriting of heap metadata and objects, which can lead to a program crash. An integer overflow occurs when an arithmetic operation attempts to create a numeric value that is outside of the range that can be represented with a given number of bits.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-40469

Affected Products

Gawk