A vulnerability, which was classified as problematic, has been found in GNU gawk up to 5.4.0. The impacted element is the function
do_sub of the file builtin.c. Performing a manipulation results in integer overflow.
This vulnerability is cataloged as CVE-2026-40469. The attack must be initiated from a local position. There is no exploit available.