CVE-2026-16118
Received Received - Intake

Heap-based Buffer Overflow in xdgmime

Vulnerability report for CVE-2026-16118, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-17

Last updated on: 2026-07-17

Assigner: Red Hat, Inc.

Description

A flaw was found in xdgmime. A heap-based buffer overflow can be triggered in _xdg_mime_magic_parse_magic_line() in the xdgmimemagic.c file on little-endian systems when an attacker-controlled MIME magic file in a user-writable XDG data location (e.g., in the $XDG_DATA_HOME/mime/magic path) is parsed by an application performing MIME type detection (e.g., via g_content_type_guess()). When performing byte-swap, incorrect pointer arithmetic on the write side causes an out-of-bounds write of 2 bytes, resulting in an application crash or memory corruption.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-17
Last Modified
2026-07-17
Generated
2026-07-18
AI Q&A
2026-07-18
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
xdgmime xdgmime *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-122 A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This is a heap-based buffer overflow in the xdgmime library. It occurs in the _xdg_mime_magic_parse_magic_line() function when parsing attacker-controlled MIME magic files on little-endian systems. Incorrect pointer arithmetic during byte-swap operations causes a 2-byte out-of-bounds write, leading to application crashes or memory corruption.

Detection Guidance

Check for applications using xdgmime that parse MIME magic files. Inspect $XDG_DATA_HOME/mime/magic for suspicious files. Monitor system logs for crashes in applications like file managers or desktop environments.

Impact Analysis

An attacker could exploit this by tricking you into installing a malicious MIME magic file in a writable XDG data location. This could crash applications or corrupt memory, potentially allowing arbitrary code execution if combined with other vulnerabilities.

Mitigation Strategies

Remove write permissions to $XDG_DATA_HOME/mime/magic. Update xdgmime to the latest patched version. Avoid opening files from untrusted sources until mitigation is applied.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-16118. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart