A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result, data may be written past the end of the allocated memory, leading to crashes or memory corruption.

A flaw was found in how GLibs GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesnt. As a result, data may be written past the end of the allocated memory, leading to crashes or memory corruption.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

The version of Java installed on the remote host is affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory.
  - Vulnerability in Oracle Java SE (component: JavaFX (libxslt)). Supported versions that are affected are     Oracle Java SE: 8u471-b50. Difficult to exploit vulnerability allows unauthenticated attacker with network     access via multiple protocols to compromise Oracle Java SE. Successful attacks require human interaction     from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of     Oracle Java SE. (CVE-2025-7425)

  - Vulnerability in Oracle Java SE (component: JavaFX (WebKitGTK)). Supported versions that are affected are     Oracle Java SE: 8u471-b50. Difficult to exploit vulnerability allows unauthenticated attacker with network     access via multiple protocols to compromise Oracle Java SE. Successful attacks require human interaction     from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of     Oracle Java SE. (CVE-2025-43368)

  - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of     Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u471,     8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 and 21.0.9; Oracle     GraalVM Enterprise Edition: 21.3.16. Easily exploitable vulnerability allows unauthenticated attacker with     network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM     Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a     hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM     Enterprise Edition. (CVE-2026-21945)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Azul Zulu installed on the remote host is 6 prior to 6.77.0.12 / 7 prior to 7.83.0.12 / 8 prior to 8.91.0.12 / 11 prior to 11.85.12 / 17 prior to 17.63.12 / 21 prior to 21.47.14 / 25 prior to 25.31.14. It is, therefore, affected by multiple vulnerabilities as referenced in the 2026-01-20 advisory.

  - A flaw was found in how GLib's GString manages memory when adding data to strings. If a string is already     very large, combining it with more input can cause a hidden overflow in the size calculation. This makes     the system think it has enough memory when it doesn't. As a result, data may be written past the end of     the allocated memory, leading to crashes or memory corruption. (CVE-2025-6052)

  - A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations     can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of     service when processing crafted input. (CVE-2025-6021)

  - A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts     internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this     corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory,     causing crashes or enabling attackers to trigger heap corruption. (CVE-2025-7425)

  - A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26,     iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected Safari crash.
    (CVE-2025-43368)

  - In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_trak function may read past the end of a     heap buffer while parsing an MP4 file, possibly leading to information disclosure. (CVE-2025-47219)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7942-1 advisory.

    It was discovered that GLib incorrectly handled escaping URI strings. An attacker could use this issue to     cause GLib to crash, resulting in a denial of service, or possibly execute arbitrary code.
    (CVE-2025-13601)

    It was discovered that GLib incorrectly parsed certain GVariants. An attacker could use this issue to     cause GLib to crash, resulting in a denial of service, or possibly execute arbitrary code.
    (CVE-2025-14087)

    It was discovered that GLib incorrectly parsed certain long invalid ISO 8601 timestamps. An attacker could     possibly use this issue to cause GLib to crash, resulting in a denial of service. This issue only affected     Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2025-3360)

    It was discovered that GLib incorrectly handled GString memory operations. An attacker could use this     issue to cause GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. This     issue only affected Ubuntu 24.04 LTS and Ubuntu 25.04. (CVE-2025-6052)

    It was discovered that GLib incorrectly handled creating temporary files. An attacker could possibly use     this issue to access unauthorized data. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and     Ubuntu 25.04. (CVE-2025-7039)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0745 advisory.

    Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:

    CVE-2025-6052:
    A flaw was found in how GLibs GString manages memory when adding data to strings. If a string is     already very large, combining it with more input can cause a hidden overflow in the size calculation. This     makes the system think it has enough memory when it doesnt. As a result, data may be written past the     end of the allocated memory, leading to crashes or memory corruption.

    CVE-2025-4373:
    A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar()     function. When the position at which to insert the character is large, the position will overflow, leading     to a buffer underwrite.

    CVE-2025-3360:
    A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO     8601 timestamp with the g_date_time_new_from_iso8601() function.

Tenable has extracted the preceding description block directly from the Tencent Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - A flaw was found in how GLib's GString manages memory when adding data to strings. If a string is already     very large, combining it with more input can cause a hidden overflow in the size calculation. This makes     the system think it has enough memory when it doesn't. As a result, data may be written past the end of     the allocated memory, leading to crashes or memory corruption. (CVE-2025-6052)

Note that Nessus relies on the presence of the package as reported by the vendor.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1069 advisory.

    A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO     8601 timestamp with the g_date_time_new_from_iso8601() function. (CVE-2025-3360)

    A flaw was found in how GLib's GString manages memory when adding data to strings. If a string is already     very large, combining it with more input can cause a hidden overflow in the size calculation. This makes     the system think it has enough memory when it doesn't. As a result, data may be written past the end of     the allocated memory, leading to crashes or memory corruption. (CVE-2025-6052)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02167-1 advisory.

    - CVE-2025-6052: Fixed integer overflow in g_string_maybe_expand() leads to potential buffer overflow in     GString (bsc#1244596).
    - CVE-2025-4373: Fixed buffer underflow through glib/gstring.c via function g_string_insert_unichar     (bsc#1242844).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-60e9097b77 advisory.

    FIx CVE-2025-6052.

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-2c1425a4e4 advisory.

    FIx CVE-2025-6052.

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
505423	Siemens RUGGEDCOM RST2428P Integer Overflow or Wraparound (CVE-2025-6052)	Tenable OT Security	Tenable.ot	high
294870	Oracle Java SE Multiple Vulnerabilities (January 2026 CPU)	Nessus	Misc.	medium
294803	Azul Zulu Java Multiple Vulnerabilities (2026-01-20)	Nessus	Misc.	high
281923	Ubuntu 22.04 LTS / 24.04 LTS / 25.04 / 25.10 : GLib vulnerabilities (USN-7942-1)	Nessus	Ubuntu Local Security Checks	critical
275987	TencentOS Server 4: librsvg2 (TSSA-2025:0745)	Nessus	Tencent Local Security Checks	high
258244	Linux Distros Unpatched Vulnerability : CVE-2025-6052	Nessus	Misc.	high
241779	Amazon Linux 2023 : glib2, glib2-devel, glib2-static (ALAS2023-2025-1069)	Nessus	Amazon Linux Local Security Checks	low
241039	SUSE SLED15: gio-branding-upstream / glib2-devel / glib2-devel-32bit / etc (SUSE-SU-2025:02167-1)	Nessus	SuSE Local Security Checks	high
240347	Fedora 42 : mingw-glib2 (2025-60e9097b77)	Nessus	Fedora Local Security Checks	low
240345	Fedora 41 : mingw-glib2 (2025-2c1425a4e4)	Nessus	Fedora Local Security Checks	low

Detections

Analytics

CVE-2025-6052

high

Tenable Plugins

high

medium

high

critical

high

high

low

high

low

low