CVE-2026-38639

An issue in the parse_month function (/time/strptime.rs) of relibc commit ab6a2e allows attackers to cause a Denial of Service (DoS) via parsing a crafted input.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
References
https://github.com/Marsman1996/pocs/tree/master/redox/CVE-2026-38639
https://gitlab.redox-os.org/redox-os/relibc/-/issues/265
https://gitlab.redox-os.org/redox-os/relibc/-/merge_requests/990
https://gitlab.redox-os.org/redox-os/relibc/-/work_items/265