Linuxsecurity
Critical Wget Vulnerabilities Affect Multiple Ubuntu Versions
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Multiple vulnerabilities were discovered in Wget, affecting Ubuntu versions 14.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, 24.04 LTS, and 26.04 LTS. CVE-2024-38428 allows remote attackers to trick users into connecting to unintended hosts via URL manipulation. CVE-2026-58469 and CVE-2026-58471 can lead to denial of service or arbitrary code execution due to mishandling of Metalink documents and character set conversion, respectively. CVE-2026-58470 involves an integer overflow from incorrect handling of Content-Range header values, potentially causing download desynchronization. The vulnerabilities were published on July 7, 2026, and are critical for users of affected Ubuntu versions. Users are advised to update their systems to mitigate these risks.
Key Points: • Wget vulnerabilities affect multiple Ubuntu LTS versions, including 14.04 to 26.04. • CVE-2024-38428 allows attackers to redirect users to unintended hosts. • CVE-2026-58469 and CVE-2026-58471 can lead to denial of service or code execution.