Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.
Reconnecting to live updates…
EPSS 0.2%top 88%

Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

0
Medium
Published: 07/15/2026 (07/15/2026, 14:28:58 UTC)
Source: GCVE Database
Vendor/Project: Red Hat Product Security
Product: Red Hat

Description

This update includes the following RPMs: gawk: * gawk-5.4.0-3.1.hum1 (aarch64, x86_64) * gawk-all-langpacks-5.4.0-3.1.hum1 (aarch64, x86_64) * gawk-devel-5.4.0-3.1.hum1 (aarch64, x86_64) * gawk-doc-5.4.0-3.1.hum1 (noarch) * gawk-5.4.0-3.1.hum1.src (src) Security Fix(es): gawk: * CVE-2026-40553

CVSS v4.0

Attack Vector
Local
Attack Complexity
Low
Attack Requirements
None
Privileges Required
None
User Interaction
None
Vuln. Confidentiality
None
Vuln. Integrity
None
Vuln. Availability
Low
Subsq. Confidentiality
None
Subsq. Integrity
None
Subsq. Availability
None
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected software

gnu/gawk
pkg:deb/gnu/gawk
Affected versions
=3.0

Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.

AI-Powered Analysis

Machine-generated threat intelligence

AILast updated: 07/14/2026, 09:40:48 UTC

Technical Analysis

This vulnerability involves a heap buffer overflow in gawk version 3.0 as reported by the Microsoft Security Response Center. The provided information does not include technical details about the cause or exploitation methods. There is no CVSS score or patch information available, and no known active exploitation has been reported.

Potential Impact

Heap buffer overflow vulnerabilities can potentially lead to memory corruption, which may allow an attacker to cause a denial of service or execute arbitrary code. However, without detailed technical or exploit information, the exact impact cannot be fully assessed.

Mitigation Recommendations

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no patch or workaround information is provided, users should monitor official Microsoft Security Response Center communications for updates.

Pro Console: star threats, build custom feeds, automate alerts via Slack, email & webhooks.Upgrade to Pro

Technical Details

Gcve Source
db.gcve.eu
Csaf Category
csaf_vex
Csaf Version
2.0
Publisher
Microsoft Security Response Center
Advisory Id
msrc_CVE-2026-40469
Cve Count
1
Additional Cves
[]
Cvss Version
null

Threat ID: 6a55ff7f68715ace432f3dfe

Added to database: 07/14/2026, 09:21:03 UTC

Last enriched: 07/14/2026, 09:40:48 UTC

Last updated: 07/18/2026, 13:36:42 UTC

Views: 4

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by
Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Need more coverage?

Upgrade to Pro Console for AI refresh and higher limits.

For incident response and remediation, OffSeq services can help resolve threats faster.

Latest Threats

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses