{"id":"JLSEC-2026-667","summary":"GNU libidn before 1.44 is prone to out-of-bounds reads of uninitialized memory in the ToUnicode...","details":"GNU libidn before 1.44 is prone to out-of-bounds reads of uninitialized memory in the ToUnicode APIs because of mishandling in idna_to_unicode_internal. The affected code is not present in libidn2.","modified":"2026-07-18T00:02:19.789329945Z","published":"2026-07-14T14:59:33.004Z","upstream":["CVE-2026-57053","GHSA-xpv7-vm32-p7wv","EUVD-2026-38523"],"database_specific":{"license":"CC-BY-4.0","sources":[{"database_specific":{"status":"Analyzed"},"id":"CVE-2026-57053","imported":"2026-07-17T22:22:24.418Z","modified":"2026-06-29T19:40:25.163Z","published":"2026-06-23T18:18:10.827Z","url":"https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-57053","html_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-57053"},{"modified":"2026-06-23T18:31:56Z","published":"2026-06-23T18:31:45Z","url":"https://api.github.com/advisories/GHSA-xpv7-vm32-p7wv","html_url":"https://github.com/advisories/GHSA-xpv7-vm32-p7wv","id":"GHSA-xpv7-vm32-p7wv","imported":"2026-07-17T22:22:24.609Z"},{"published":"2026-06-23T16:40:22Z","url":"https://euvdservices.enisa.europa.eu/api/enisaid?id=EUVD-2026-38523","html_url":"https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-38523","id":"EUVD-2026-38523","imported":"2026-07-17T22:22:34.456Z","modified":"2026-06-23T17:40:14Z"}]},"references":[{"type":"WEB","url":"https://github.com/advisories/GHSA-xpv7-vm32-p7wv"},{"type":"WEB","url":"https://lists.gnu.org/archive/html/help-libidn/2026-05/msg00000.html"},{"type":"WEB","url":"https://lists.gnu.org/archive/html/help-libidn/2026-06/msg00001.html"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-57053"}],"affected":[{"package":{"name":"libidn_jll","ecosystem":"Julia","purl":"pkg:julia/libidn_jll?uuid=f0f5855d-14eb-5155-b6cb-9f6c251f73bb"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.44.0+0"}]}],"database_specific":{"source":"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-667.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N"}]}