Explore top 10 tips to secure your open-source projects now. Read More
×
Description:
GNU libidn before 1.44 is prone to out-of-bounds reads of uninitialized
memory in the ToUnicode APIs because of mishandling in
idna_to_unicode_internal. The affected code is not present in libidn2.
(CVE-2026-57053)
- https://bugs.mageia.org/show_bug.cgi?id=35726
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2026&m=slackware-security.355846
- https://lists.gnu.org/archive/html/help-libidn/2026-05/msg00000.html
- https://lists.gnu.org/archive/html/help-libidn/2025-06/msg00000.html
- https://ubuntu.com/security/notices/USN-8521-1
- https://www.cve.org/CVERecord?id=CVE-2026-57053
- 10/core/libidn-1.43-2.1.mga10
- 9/core/libidn-1.41-2.1.mga9
Publication date:18 Jul 2026
Get the latest Linux and open source security news straight to your inbox.