A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in incorrect memory allocation on the stack, followed by unsafe memory copying. As a result, applications using libsoup may crash unexpectedly, creating a denial-of-service risk.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00061.

Exploitation poc

Automatable no

Technical Impact total

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Red Hat Red Hat Enterprise Linux 10 affected
Version Status Constraints
0:3.6.5-3.el10_1.9 unaffected < *
Red Hat Red Hat Enterprise Linux 10.0 Extended Update Support affected
Version Status Constraints
0:3.6.5-3.el10_0.14 unaffected < *
Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support affected
Version Status Constraints
0:2.62.2-11.el7_9 unaffected < *
Red Hat Red Hat Enterprise Linux 8 affected
Version Status Constraints
0:8.10-7 unaffected < *
Red Hat Red Hat Enterprise Linux 8 affected
Version Status Constraints
0:2.62.3-13.el8_10 unaffected < *
Red Hat Red Hat Enterprise Linux 8 affected
Version Status Constraints
0:2.62.3-13.el8_10 unaffected < *
Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support affected
Version Status Constraints
0:2.62.3-1.el8_2.8 unaffected < *
Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support affected
Version Status Constraints
0:8.10-7.el8_2.1 unaffected < *
Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support affected
Version Status Constraints
0:2.62.3-2.el8_4.8 unaffected < *
Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support affected
Version Status Constraints
0:8.10-7.el8_4.1 unaffected < *
Red Hat Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On affected
Version Status Constraints
0:2.62.3-2.el8_4.8 unaffected < *
Red Hat Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On affected
Version Status Constraints
0:8.10-7.el8_4.1 unaffected < *
Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support affected
Version Status Constraints
0:2.62.3-2.el8_6.8 unaffected < *
Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support affected
Version Status Constraints
0:8.10-7.el8_6.1 unaffected < *
Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service affected
Version Status Constraints
0:2.62.3-2.el8_6.8 unaffected < *
Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service affected
Version Status Constraints
0:8.10-7.el8_6.1 unaffected < *
Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions affected
Version Status Constraints
0:2.62.3-2.el8_6.8 unaffected < *
Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions affected
Version Status Constraints
0:8.10-7.el8_6.1 unaffected < *
Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service affected
Version Status Constraints
0:2.62.3-3.el8_8.8 unaffected < *
Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service affected
Version Status Constraints
0:8.10-7.el8_8.1 unaffected < *
Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions affected
Version Status Constraints
0:2.62.3-3.el8_8.8 unaffected < *
Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions affected
Version Status Constraints
0:8.10-7.el8_8.1 unaffected < *
Red Hat Red Hat Enterprise Linux 9 affected
Version Status Constraints
0:2.72.0-12.el9_7.5 unaffected < *
Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions affected
Version Status Constraints
0:2.72.0-8.el9_0.9 unaffected < *
Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions affected
Version Status Constraints
0:2.72.0-8.el9_2.10 unaffected < *
Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support affected
Version Status Constraints
0:2.72.0-8.el9_4.9 unaffected < *
Red Hat Red Hat Enterprise Linux 9.6 Extended Update Support affected
Version Status Constraints
0:2.72.0-10.el9_6.6 unaffected < *
Red Hat Red Hat OpenShift Dev Spaces (RHOSDS) 3.26 affected
Version Status Constraints
sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96 unaffected < *
Red Hat Red Hat OpenShift Dev Spaces (RHOSDS) 3.26 affected
Version Status Constraints
sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692 unaffected < *
Red Hat Red Hat OpenShift Dev Spaces (RHOSDS) 3.26 affected
Version Status Constraints
sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472 unaffected < *
Red Hat Red Hat Enterprise Linux 6 unknown

No data.

No data.

No data.

Project Subscriptions

Vendors Products
Redhat Subscribe
Enterprise Linux Subscribe
Enterprise Linux Eus Subscribe
Openshift Devspaces Subscribe
Rhel Aus Subscribe
Rhel E4s Subscribe
Rhel Els Subscribe
Rhel Eus Subscribe
Rhel Eus Long Life Subscribe
Rhel Tus Subscribe
Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.

References
Link Providers
https://access.redhat.com/errata/RHSA-2026:1948 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:2005 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:2006 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:2007 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:2008 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:2049 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:2182 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:2214 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:2215 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:2216 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:2396 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:2402 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:2512 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:2513 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:2514 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:2528 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:2529 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:2628 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:2844 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2026-0719 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2427906 cve-icon cve-icon
https://gitlab.gnome.org/GNOME/libsoup/-/issues/477 cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-0719 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-0719 cve-icon
History

Tue, 17 Feb 2026 18:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat openshift Devspaces
CPEs cpe:/a:redhat:openshift_devspaces:3.26::el9
Vendors & Products Redhat openshift Devspaces
References

Thu, 12 Feb 2026 14:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel Els
CPEs cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:rhel_els:7
Vendors & Products Redhat rhel Els
References

Wed, 11 Feb 2026 13:30:00 +0000

Type Values Removed Values Added
References

Wed, 11 Feb 2026 11:00:00 +0000

Type Values Removed Values Added
References

Wed, 11 Feb 2026 08:15:00 +0000

Type Values Removed Values Added
References

Wed, 11 Feb 2026 08:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:rhel_aus:8.6::appstream
cpe:/a:redhat:rhel_e4s:8.6::appstream
cpe:/a:redhat:rhel_tus:8.6::appstream
cpe:/o:redhat:rhel_aus:8.6::baseos
cpe:/o:redhat:rhel_e4s:8.6::baseos
cpe:/o:redhat:rhel_tus:8.6::baseos
References

Tue, 10 Feb 2026 13:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel Aus
Redhat rhel Eus Long Life
CPEs cpe:/a:redhat:rhel_aus:8.2::appstream
cpe:/a:redhat:rhel_aus:8.4::appstream
cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
cpe:/o:redhat:rhel_aus:8.2::baseos
cpe:/o:redhat:rhel_aus:8.4::baseos
cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
Vendors & Products Redhat rhel Aus
Redhat rhel Eus Long Life
References

Mon, 09 Feb 2026 07:15:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:8 cpe:/a:redhat:enterprise_linux:8::appstream
cpe:/o:redhat:enterprise_linux:8::baseos
References

Mon, 09 Feb 2026 03:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:9 cpe:/a:redhat:enterprise_linux:9::appstream
References

Thu, 05 Feb 2026 20:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:10 cpe:/o:redhat:enterprise_linux:10.1
References

Thu, 05 Feb 2026 13:45:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:rhel_eus:9.6::appstream
References

Thu, 05 Feb 2026 07:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat enterprise Linux Eus
CPEs cpe:/a:redhat:rhel_e4s:9.0::appstream
cpe:/o:redhat:enterprise_linux_eus:10.0
Vendors & Products Redhat enterprise Linux Eus
References

Thu, 05 Feb 2026 04:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel Eus
CPEs cpe:/a:redhat:rhel_eus:9.4::appstream
Vendors & Products Redhat rhel Eus
References

Thu, 05 Feb 2026 04:15:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:rhel_e4s:9.2::appstream
References

Thu, 05 Feb 2026 02:15:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel E4s
Redhat rhel Tus
CPEs cpe:/a:redhat:rhel_e4s:8.8::appstream
cpe:/a:redhat:rhel_tus:8.8::appstream
cpe:/o:redhat:rhel_e4s:8.8::baseos
cpe:/o:redhat:rhel_tus:8.8::baseos
Vendors & Products Redhat rhel E4s
Redhat rhel Tus
References

Tue, 13 Jan 2026 06:00:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

 cvssV3_1

{'score': 8.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H'}

Fri, 09 Jan 2026 06:00:00 +0000

Type Values Removed Values Added
Description A flaw was found in libsoup's NTLM (NT LAN Manager) authentication module. When NTLM authentication is enabled, a local attacker can exploit a stack-based buffer overflow vulnerability in the md4sum() function. This allows the attacker to overwrite adjacent memory, which may result in arbitrary code execution with the privileges of the affected application. A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in incorrect memory allocation on the stack, followed by unsafe memory copying. As a result, applications using libsoup may crash unexpectedly, creating a denial-of-service risk.

Fri, 09 Jan 2026 05:45:00 +0000

Type Values Removed Values Added
Title Libsoup: libsoup: arbitrary code execution via stack-based buffer overflow in ntlm authentication Libsoup: signed to unsigned conversion error leading to stack-based buffer overflow in libsoup ntlm authentication
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

 cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

Fri, 09 Jan 2026 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 threat_severity

Important

Thu, 08 Jan 2026 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 08 Jan 2026 13:00:00 +0000

Type Values Removed Values Added
Description A flaw was found in libsoup's NTLM (NT LAN Manager) authentication module. When NTLM authentication is enabled, a local attacker can exploit a stack-based buffer overflow vulnerability in the md4sum() function. This allows the attacker to overwrite adjacent memory, which may result in arbitrary code execution with the privileges of the affected application.
Title Libsoup: libsoup: arbitrary code execution via stack-based buffer overflow in ntlm authentication
First Time appeared Redhat
Redhat enterprise Linux
Weaknesses CWE-121
CPEs cpe:/o:redhat:enterprise_linux:10
cpe:/o:redhat:enterprise_linux:6
cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8
cpe:/o:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat enterprise Linux
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-02-17T18:23:04.114Z

Reserved: 2026-01-08T12:12:33.130Z

Link: CVE-2026-0719

cve-icon Vulnrichment

Updated: 2026-01-08T14:31:28.400Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-01-08T13:15:43.283

Modified: 2026-02-17T19:21:55.890

Link: CVE-2026-0719

cve-icon Redhat

Severity : Important

Publid Date: 2026-01-08T00:00:00Z

Links: CVE-2026-0719 - Bugzilla

cve-icon OpenCVE Enrichment

No data.

Weaknesses