A vulnerability classified as problematic was found in GNU gawk up to 5.4.0. The affected element is the function ftype of the file extension/readdir.c of the component Directory Reader. Such manipulation leads to buffer overflow.

This vulnerability is listed as CVE-2026-40553. The attack must be carried out locally. There is no available exploit.