CVE-2026-40200
An issue was discovered in musl libc 0.7.10 through 1.2.6. Stack-based memory corruption can occur during qsort of very large arrays, due to incorrectly implemented double-word primitives. The number of elements must exceed about seven million, i.e., the 32nd Leonardo number on 32-bit platforms (or the 64th Leonardo number on 64-bit platforms, which is not practical).
Frequently Asked Questions
What is the severity of CVE-2026-40200?
CVE-2026-40200 is considered a high severity vulnerability due to the potential for stack-based memory corruption.
How do I fix CVE-2026-40200?
To fix CVE-2026-40200, upgrade musl libc to a version later than 1.2.6.
What systems are affected by CVE-2026-40200?
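CVE-2026-40200 affects musl libc versions 0.7.10 through 1.2.6 on both 32-bit and 64-bit platforms. The element count needed to trigger it (the 64th Leonardo number) is not practical to reach on 64-bit platforms; on 32-bit platforms it is about seven million elements.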
What kind of attack does CVE-2026-40200 enable?
CVE-2026-40200 could potentially allow an attacker to execute arbitrary code through stack corruption when processing very large arrays.
How can I check if my version of musl libc is vulnerable to CVE-2026-40200?
Compare your installed musl libc version with the affected range given for CVE-2026-40200 (0.7.10 through 1.2.6) to determine whether you are affected.
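One way to script that comparison, as an added example that is not part of the original advisory or of musl itself. The function names and the sample banner are constructed for illustration, and the loader path in the comment is the x86_64 one and differs on other architectures.

```shell
#!/bin/sh
# Added example: compare a musl version against the range in this advisory
# (0.7.10 through 1.2.6). Function names are hypothetical.

# Extract "x.y.z" from the loader banner on stdin. On a live system the banner
# comes from running the loader with no arguments (it prints to stderr), e.g.
#   /lib/ld-musl-x86_64.so.1 2>&1 | musl_version_from_banner
musl_version_from_banner() {
    sed -n 's/^Version \([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# Convert "major.minor.patch" to one integer so that 0.7.10 sorts after 0.7.9
# (a plain string comparison would get that wrong). Returns 2 on bad input.
ver_key() {
    case $1 in ''|*[!0-9.]*) return 2 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ${1:-0} * 1000000 + ${2:-0} * 1000 + ${3:-0} ))
}

# Exit 0 if the version is inside the advisory range, 1 if outside,
# 2 if the version string cannot be parsed.
musl_in_affected_range() {
    v=$(ver_key "$1") || return 2
    lo=$(ver_key 0.7.10); hi=$(ver_key 1.2.6)
    [ "$v" -ge "$lo" ] && [ "$v" -le "$hi" ]
}

# Constructed sample banner (not captured from a real host).
SAMPLE_BANNER='musl libc (x86_64)
Version 1.2.4
Dynamic Program Loader'

ver=$(printf '%s\n' "$SAMPLE_BANNER" | musl_version_from_banner)
if musl_in_affected_range "$ver"; then
    echo "musl $ver: inside the affected range"
else
    echo "musl $ver: outside the affected range or unparseable"
fi
```

The version string alone does not show whether a distribution has backported a fix, and statically linked binaries carry their own copy of musl that this check does not see.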