HCE2-SA-2026-0011 Important HCE 2.0 Security Fix(es): A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string. (CVE-2025-13601) A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings. (CVE-2025-14087) A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib_x27;s GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values. (CVE-2025-14512) HCE 2.0 glib2-2.68.1-10.r26.hce2.x86_64.rpm glib2-devel-2.68.1-10.r26.hce2.x86_64.rpm glib2-help-2.68.1-10.r26.hce2.noarch.rpm glib2-2.68.1-10.r26.hce2.aarch64.rpm glib2-devel-2.68.1-10.r26.hce2.aarch64.rpm