🟠 High  |  Source: Microsoft Security Response Center


CVE-2026-58012 is a buffer over-read vulnerability in GLib’s regular expression handling, specifically in the g_regex_replace() function in gregex.c. An attacker could exploit it to read data beyond allocated memory boundaries, which may lead to information disclosure or application instability. GLib is a foundational library used widely across Linux-based systems and cloud workloads, so the potential blast radius is significant.

Security Architect’s Take: Audit Azure Linux-based workloads and container images for GLib dependencies and prioritise patching to a remediated version; also review any custom applications that invoke GLib regex functions, as these may be directly exposed to untrusted input.
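One way to triage an unpacked container image for the audit described above, as an added example that is not part of the advisory or of GLib: it walks a root filesystem and labels ELF files that reference the GLib shared library, separating those that also reference g_regex_replace. It assumes the image has been extracted to a directory and uses a byte-level heuristic rather than a full ELF parse; the sample paths in demo() are constructed.

```python
import os
import tempfile

ELF_MAGIC = b"\x7fELF"
GLIB_SONAME = b"libglib-2.0.so.0\x00"    # dynamic-string entry naming GLib 2.x
AFFECTED_SYMBOL = b"g_regex_replace\x00"  # function named in the advisory

def classify_elf(path):
    """Return 'glib-library', 'imports-g_regex_replace', 'links-glib' or None."""
    try:
        with open(path, "rb") as fh:
            data = fh.read()
    except OSError:
        return None
    if not data.startswith(ELF_MAGIC) or GLIB_SONAME not in data:
        return None
    if os.path.basename(path).startswith("libglib-2.0.so"):
        return "glib-library"  # the library itself: check its package version
    # The trailing NUL keeps g_regex_replace_literal/_eval from matching.
    return "imports-g_regex_replace" if AFFECTED_SYMBOL in data else "links-glib"

def scan_rootfs(root):
    """Walk an unpacked image root; map relative path -> finding."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path):  # do not follow links out of the image
                continue
            verdict = classify_elf(path)
            if verdict:
                findings[os.path.relpath(path, root)] = verdict
    return findings

def demo():
    """Scan a constructed sample tree (fake ELF stubs, not real binaries)."""
    elf = ELF_MAGIC + b"\x00" * 12 + GLIB_SONAME
    samples = {
        "usr/lib/libglib-2.0.so.0": elf + AFFECTED_SYMBOL,
        "usr/bin/textfilter": elf + b"g_regex_new\x00" + AFFECTED_SYMBOL,
        "usr/bin/viewer": elf + b"g_regex_replace_literal\x00g_free\x00",
        "etc/notes.txt": b"mentions g_regex_replace but is not ELF\n",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, blob in samples.items():
            os.makedirs(os.path.dirname(os.path.join(root, rel)), exist_ok=True)
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(blob)
        return scan_rootfs(root)

if __name__ == "__main__":
    for path, verdict in sorted(demo().items()):
        print(f"{verdict:26} {path}")
```

Statically linked binaries and programs that load GLib at run time will not match this check, so treat a clean result as a starting point and confirm the installed GLib package version separately.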

Original advisory: CVE-2026-58012 Glib: buffer over-read in g_regex_replace() via glib/gregex.c:string_append() and g_utf8_next_char()