debian · CVE-2026-9150

Quick triage

Priority: not yet assigned Published: Updated: Sat, 11 Jul 2026 04:09:25 GMT

View at Official debian advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2026-9150 not yet assigned priority: Debian including 1 source packages (libsolv), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): open 3, resolved 2.

Description:

A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption and a denial of service (DoS) in the affected system.

cvelogic Threat Intelligence