Fedora 44 : libcoap (2026-148e35657a)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-148e35657a advisory. Update to 4.3.5b Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...

SUSE CVE-2026-29013

libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where getbyteinc in src/oscore/oscorecbor.c relies solely on assert for bounds checking, which is removed in release builds compiled with NDEBUG. Attackers can send crafted CoAP requests with malformed...

CVE-2026-29013

A flaw was found in libcoap. Attackers can send specially crafted Constrained Application Protocol CoAP requests with malformed OSCORE options or responses during OSCORE negotiation. This can trigger out-of-bounds reads during CBOR parsing and potentially lead to heap buffer overflow writes due t...

CVE-2026-29013

creationtimestamp| type| source ---|---|--- 2026-04-17 23:20:15+00:00| published-proof-of-concept| Telegram/3g7V6SV71PzaXn8Yubvw4Z7qK4NE-jaYcye5068Hc2mjiw 2026-04-17 23:35:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjq3oezhpm2f...

CVE-2026-29013

libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where getbyteinc in src/oscore/oscorecbor.c relies solely on assert for bounds checking, which is removed in release builds compiled with NDEBUG. Attackers can send crafted CoAP requests with malformed...