Amazon Linux 2023 : ngtcp2, ngtcp2-crypto-gnutls, ngtcp2-crypto-gnutls-devel (ALAS2023-2026-1633)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1633 advisory. ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2qlogparameterssettransportparams serializes peer transport parameters into a fixed 1024-byte stack buffer...

[SECURITY] Fedora 44 Update: ngtcp2-1.22.1-1.fc44

"Call it TCP/2. One More Time." ngtcp2 project is an effort to implement RFC9000 QUIC protocol...

[SECURITY] Fedora 43 Update: ngtcp2-1.22.1-1.fc43

"Call it TCP/2. One More Time." ngtcp2 project is an effort to implement RFC9000 QUIC protocol...

Fedora 43 : ngtcp2 (2026-a0f25484e9)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-a0f25484e9 advisory. Update to 1.22.1 rhbz2452790 - Fixes CVE-2026-40170 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

Fedora 44 : ngtcp2 (2026-705eb9cf95)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-705eb9cf95 advisory. Update to 1.22.1 rhbz2452790 - Fixes CVE-2026-40170 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

OPENSUSE-SU-2026:10621-1 libngtcp2-16-1.22.1-1.1 on GA media

These are all security issues fixed in the libngtcp2-16-1.22.1-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2026-41166

OpenRemote is an open-source internet-of-things platform. Prior to version 1.22.1, a user who has write:admin in one Keycloak realm can call the Manager API to update Keycloak realm roles for users in another realm, including master. The handler uses the realm path segment when talking to the...

CVE-2026-41166 OpenRemote has Improper Access Control via updateUserRealmRoles function

OpenRemote is an open-source internet-of-things platform. Prior to version 1.22.1, a user who has write:admin in one Keycloak realm can call the Manager API to update Keycloak realm roles for users in another realm, including master. The handler uses the realm path segment when talking to the...

CVE-2026-41166

Summary of CVE-2026-41166 : OpenRemote prior to v1.22.1 allows a user with the OpenRemote Keycloak realm role write:admin in one realm to call the Manager API and update realm roles for users in a different realm, including the master realm. The underlying issue is that the handler uses the {real...

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass via the updateUserRealmRoles function. An attacker can escalate privileges by invoking the API with a valid token from one realm to modify user roles in another realm, potentially granting administrative access to...

OPENSUSE-SU-2026:10577-1 skopeo-1.22.1-1.1 on GA media

These are all security issues fixed in the skopeo-1.22.1-1.1 package on the GA media of openSUSE Tumbleweed...

SUSE CVE-2026-40170

ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2qlogparameterssettransportparams serializes peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog is enabled, a remote peer can send sufficiently large transport...

CVE-2026-40170

ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2qlogparameterssettransportparams serializes peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog is enabled, a remote peer can send sufficiently large transport...

CVE-2026-40170

ngtcp2 (QUIC) vulnerability: in versions before 1.22.1, ngtcp2_qlog_parameters_set_transport_params() writes peer transport parameters into a fixed 1024-byte stack buffer without bounds checking, enabling a stack buffer overflow when qlog is enabled and large untrusted parameters are received dur...

CVE-2026-40170

ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2qlogparameterssettransportparams serializes peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog is enabled, a remote peer can send sufficiently large transport...

CVE-2026-40170 ngtcp2 has a qlog transport parameter serialization stack buffer overflow

ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2qlogparameterssettransportparams serializes peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog is enabled, a remote peer can send sufficiently large transport...

EUVD-2026-23302

ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2qlogparameterssettransportparams serializes peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog is enabled, a remote peer can send sufficiently large transport...

CVE-2026-40170

ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2qlogparameterssettransportparams serializes peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog is enabled, a remote peer can send sufficiently large transport...

ngtcp2 安全漏洞

ngtcp2 is an open-source library developed by ngtcp2. Versions of ngtcp2 prior to 1.22.1 contained security vulnerabilities. These vulnerabilities stemmed from the fact that when qlog was enabled, the ngtcp2qlogparameterssettransportparams function serialized transport parameters into a fixed-siz...

PT-2026-33369

Name of the Vulnerable Software and Affected Versions ngtcp2 versions prior to 1.22.1 Description The ngtcp2 qlog parameters set transport params function serializes peer transport parameters into a fixed 1024-byte stack buffer without performing bounds checking. When qlog is enabled, a remote pe...