A vulnerability identified as critical has been detected in GNU wget up to 1.25.0. The affected element is the function
parse_content_range of the file src/http.c. The manipulation leads to integer overflow.
This vulnerability is traded as CVE-2026-58470. It is possible to initiate the attack remotely. There is no exploit available.