Vulnerability Description
A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution, via a buffer underflow in the GVariant parser when it processes maliciously crafted input strings.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| GNOME | GLib | < 2.86.3 |
| Red Hat | Enterprise Linux | 7.0 |
References
- https://access.redhat.com/errata/RHSA-2026:15953
- https://access.redhat.com/errata/RHSA-2026:15969
- https://access.redhat.com/errata/RHSA-2026:15971
- https://access.redhat.com/errata/RHSA-2026:19148
- https://access.redhat.com/errata/RHSA-2026:19361
- https://access.redhat.com/errata/RHSA-2026:19452
- https://access.redhat.com/errata/RHSA-2026:19457
- https://access.redhat.com/errata/RHSA-2026:19459
- https://access.redhat.com/errata/RHSA-2026:19460
- https://access.redhat.com/errata/RHSA-2026:19523
- https://access.redhat.com/errata/RHSA-2026:19524
- https://access.redhat.com/errata/RHSA-2026:19565
- https://access.redhat.com/errata/RHSA-2026:19566
- https://access.redhat.com/errata/RHSA-2026:19567
- https://access.redhat.com/errata/RHSA-2026:7461
FAQ
What is CVE-2025-14087?
CVE-2025-14087 is a vulnerability with a CVSS score of 5.6 (MEDIUM). A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVa...
How severe is CVE-2025-14087?
CVE-2025-14087 has been rated MEDIUM with a CVSS base score of 5.6/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2025-14087?
Check the references section above for vendor advisories and patch information. Affected products include: GNOME GLib, Red Hat Enterprise Linux.