CVE-2026-9150: Libsolv: stack-based buffer overflow in libsolv's debian metadata parser when handling sha384/sha512 checksums

Overview

Severity
Medium (CVSS 6.5)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U
Exploit Status
Not Exploited
Patch Tuesday
2026-May
Released
2026-05-27
Last Updated
2026-06-28
EPSS Score
0.40% (percentile: 32.1%)

Affected Products (2)

Other

  • 21362-17084
  • 21477-17084

Revision History

  • 2026-05-27: Information published.
  • 2026-05-28: Information published.
  • 2026-06-04: Information published.
  • 2026-06-28: Information published.