CVE Catalog
CVE-2026-38639
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk0.17%
6th percentile — higher than 6% of all known CVEs
Summary
A vulnerability in the parse_month function (/time/strptime.rs) of relibc (commit ab6a2e) allows an attacker to cause a Denial of Service (DoS) by parsing a crafted input.
Risk Assessment
An attacker can remotely crash applications using relibc, leading to service disruption and potential financial losses.
Recommendation
Update relibc to a patched version or implement input validation before passing data to the parse_month function as a temporary workaround.
Original NVD description (English source)
An issue in the parse_month function (/time/strptime.rs) of relibc commit ab6a2e allows attackers to cause a Denial of Service (DoS) via parsing a crafted input.

