CVE-2026-5358

CVE Details

Visit the official vulnerability details page for CVE-2026-5358 to learn more.

Initial Publication

04/20/2026

Last Update

04/21/2026

Third Party Dependency

glibc

NIST CVE Summary

The obsolete nis_local_principal function in the GNU C Library version 2.43 and older may overflow a buffer in the data section, which could allow an attacker to spoof a crafted response to a UDP request generated by this function and overwrite neighboring static data in the requesting application.

NIS support is obsolete and has been deprecated in the GNU C Library since version 2.26 and is only maintained for legacy usage. Applications should port away from NIS to more modern identity and access management services.

CVE Severity

9.1

Our Official Summary

Investigation is ongoing to determine how this vulnerability affects our products.

Status

Undergoing Analysis

Affected Products & Versions

Version	PaletteAI	PaletteAI VerteX
1.0.7	⚠️ Impacted	⚠️ Impacted

Revision History

No revisions available.

CVE Details​

Initial Publication​

Last Update​

Third Party Dependency​

NIST CVE Summary​

CVE Severity​

Our Official Summary​

Status​

Affected Products & Versions​

Revision History​