CVE-2026-55677

Echo is a Go web framework. Prior to 4.15.3 and 5.2.0, Echo's router and static file handler disagree on URL path decoding. The router matches routes using the raw encoded path preserving %2F as-is, while StaticDirectoryHandler unescapes %2F to / before resolving filesystem paths. This allows an...

CVE-2026-55677 Echo: Encoded slash (%2F) bypasses route-level protection and exposes static files

Echo is a Go web framework. Prior to 4.15.3 and 5.2.0, Echo's router and static file handler disagree on URL path decoding. The router matches routes using the raw encoded path preserving %2F as-is, while StaticDirectoryHandler unescapes %2F to / before resolving filesystem paths. This allows an...

CVE-2026-55677

Echo (Go framework) prior to 4.15.3 and 5.2.0 has a router vs static file handler decoding mismatch: the router uses the raw encoded path while StaticDirectoryHandler unescapes %2F to /, enabling bypass of route-level access controls to read static files without authorization. The vulnerability i...

ECHO-F12B-6676-395C

Bulletin has no description...

ECHO-B0B6-3E4E-5537

Bulletin has no description...

ECHO-2158-5503-61C4

Bulletin has no description...

ECHO-CD1D-69C8-523B

Bulletin has no description...

CVE-2026-53246

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. A remote attacker could exploit this by sending a specially crafted COOKIEECHO chunk to a listening SCTP server. The server's failure to properly validate the length of a cached peer INIT chunk within...

ECHO-8413-BF93-7DC1

Bulletin has no description...

ECHO-502D-311B-E0E0

Bulletin has no description...

CVE-2026-53246

In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COOKIEECHO processing When a listening SCTP server processes a COOKIEECHO chunk, the cached peer INIT chunk embedded after the cookie is parsed and its parameters are later walked b...

EUVD-2026-39197

In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COOKIEECHO processing When a listening SCTP server processes a COOKIEECHO chunk, the cached peer INIT chunk embedded after the cookie is parsed and its parameters are later walked b...

CVE-2026-53246

CVE-2026-53246 affects the Linux kernel SCTP implementation. When a listening SCTP server processes a COOKIE_ECHO chunk, a cached peer INIT chunk embedded after the cookie could have its header length inflated beyond the remaining COOKIE_ECHO data. This allowed the parameter walk performed by sct...

CVE-2026-53208

The CVE concerns the Linux kernel Bluetooth stack (L2CAP) where BR/EDR signaling packets larger than the signaling MTU could be accepted and cause an attacker to trigger multiple ECHO_RSP frames before pairing. Specifically, l2cap_sig_channel() allowed BR/EDR signaling packets up to the channel M...

ECHO-84B2-B2CE-8A5F

Bulletin has no description...

CVE-2026-52924

In the Linux kernel, the following vulnerability has been resolved: sctp: purge outqueue on stale COOKIE-ECHO handling sctpstreamupdate is only invoked when the association is moved into COOKIEWAIT during association setup/reconfiguration. In this path, the outbound stream scheduler state...

CVE-2026-52924

The CVE‑2026‑52924 affects the Linux kernel SCTP implementation. A corner case during a Stale Cookie transition (COOKIE_ECHO→COOKIE_WAIT) can leave out_curr pointing to a freed sctp_stream_out after purging the old stream table, causing use‑after‑free in SCTP scheduling paths (e.g., sctp_sched_fc...

ECHO-4E4C-B37E-F35F

Bulletin has no description...

ECHO-E352-AA77-0D12

Bulletin has no description...

ECHO-2791-8592-919C

Bulletin has no description...