PatchSiren cyber security CVE debrief
CVE-2026-58470 gnuwget CVE debrief
CVE-2026-58470 is an integer overflow vulnerability in GNU Wget through 1.25.0. The vulnerability exists in the parse_content_range() function within src/http.c. It allows server-controlled values to cause signed integer arithmetic to overflow. Attackers can supply malicious Content-Range header values to trigger undefined behavior and download desynchronization in the affected client.
- Vendor
- gnuwget
- Product
- wget
- CVSS
- MEDIUM 6.9
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-07
- Original CVE updated
- 2026-07-07
- Advisory published
- 2026-07-07
- Advisory updated
- 2026-07-07
Who should care
Users of GNU Wget version 1.25.0 or earlier should be aware of this vulnerability. This vulnerability has been fixed in a later version. System administrators and developers using GNU Wget in their applications should assess the risk and apply the necessary patches or updates.
Technical summary
The CVE-2026-58470 vulnerability is caused by an integer overflow in the parse_content_range() function within src/http.c of GNU Wget through 1.25.0. This function does not properly handle large Content-Range headers, leading to a potential overflow of signed integer arithmetic. An attacker can exploit this by providing a malicious Content-Range header value, which could result in undefined behavior and desynchronization of downloads in the affected client.
Defensive priority
Medium priority should be given to patching or updating GNU Wget to a version that includes the fix for this vulnerability, especially in environments where GNU Wget is used to download content from untrusted or potentially malicious sources.
Recommended defensive actions
- Inventory GNU Wget installations to identify affected versions.
- Update GNU Wget to a version that includes the fix for this vulnerability.
- Implement compensating controls such as validating Content-Range headers on critical systems.
- Monitor for suspicious activity related to GNU Wget usage.
- Review system logs for potential exploitation attempts.
- Perform a thorough risk assessment to identify potential exposure.
- Develop a remediation plan to address identified vulnerabilities.
Evidence notes
The CVE record was published on 2026-07-07T21:17:28.553Z and has not been modified since then. The NVD entry is currently being reviewed. Evidence limits suggest that GNU Wget users should verify their deployments for potential exposure and review vendor guidance for patching or mitigation strategies. Defensive verification tasks include checking system logs for suspicious activity related to GNU Wget usage and implementing compensating controls for critical systems.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-07T21:17:28.553Z and has not been modified since then.