Home

Description

GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parse_content_range() function within src/http.c that allows server-controlled values to cause signed integer arithmetic to overflow. Attackers can supply malicious Content-Range header values to trigger undefined behavior and download desynchronization in the affected client.

PUBLISHED Reserved 2026-06-30 | Published 2026-07-07 | Updated 2026-07-14 | Assigner VulnCheck




MEDIUM: 6.9CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Problem types

Integer Overflow or Wraparound

Product status

Default status
affected

Any version
affected

43d3ba9336bc94937e6fae2365c6ffd30c34ffcf (git)
unaffected

Credits

Tristan Madani finder

References

gitlab.com/...ommit/43d3ba9336bc94937e6fae2365c6ffd30c34ffcf (Fix Commit) patch

www.vulncheck.com/...erflow-via-content-range-header-parsing third-party-advisory

cve.org (CVE-2026-58470)

nvd.nist.gov (CVE-2026-58470)

Download JSON