Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-4437

Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.4%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2026-4437
  • Gnu » Glibc » Version: 2.34
    cpe:2.3:a:gnu:glibc:2.34
  • Gnu » Glibc » Version: 2.34.9000
    cpe:2.3:a:gnu:glibc:2.34.9000
  • Gnu » Glibc » Version: 2.35
    cpe:2.3:a:gnu:glibc:2.35
  • Gnu » Glibc » Version: 2.35.9000
    cpe:2.3:a:gnu:glibc:2.35.9000
  • Gnu » Glibc » Version: 2.36
    cpe:2.3:a:gnu:glibc:2.36
  • Gnu » Glibc » Version: 2.36.113
    cpe:2.3:a:gnu:glibc:2.36.113
  • Gnu » Glibc » Version: 2.36.9000
    cpe:2.3:a:gnu:glibc:2.36.9000
  • Gnu » Glibc » Version: 2.37
    cpe:2.3:a:gnu:glibc:2.37
  • Gnu » Glibc » Version: 2.37.38
    cpe:2.3:a:gnu:glibc:2.37.38
  • Gnu » Glibc » Version: 2.37.9000
    cpe:2.3:a:gnu:glibc:2.37.9000
  • Gnu » Glibc » Version: 2.38
    cpe:2.3:a:gnu:glibc:2.38
  • Gnu » Glibc » Version: 2.38.19
    cpe:2.3:a:gnu:glibc:2.38.19
  • Gnu » Glibc » Version: 2.38.9000
    cpe:2.3:a:gnu:glibc:2.38.9000
  • Gnu » Glibc » Version: 2.39
    cpe:2.3:a:gnu:glibc:2.39
  • Gnu » Glibc » Version: 2.39.9000
    cpe:2.3:a:gnu:glibc:2.39.9000
  • Gnu » Glibc » Version: 2.40
    cpe:2.3:a:gnu:glibc:2.40
  • Gnu » Glibc » Version: 2.40.9000
    cpe:2.3:a:gnu:glibc:2.40.9000
  • Gnu » Glibc » Version: 2.41
    cpe:2.3:a:gnu:glibc:2.41
  • Gnu » Glibc » Version: 2.41.9000
    cpe:2.3:a:gnu:glibc:2.41.9000


Products
Pricing
Contact Us

Shodan ® - All rights reserved