Lucene search
K

442 matches found

CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

libyang 安全漏洞

LibYang is an open-source YANG data modeling language parser and toolkit developed in C language by CESNET. Versions of LibYang prior to 5.2.6 contained security vulnerabilities. These vulnerabilities stemmed from a write vulnerability in the lyd parsersetdataflags function, which allowed attacke...

7.1CVSS6.2AI score0.00519EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.16 views

PT-2026-43252

Name of the Vulnerable Software and Affected Versions libyang versions prior to 5.2.6 Description A heap use-after-free write occurs in the lyd parser set data flags function. This happens when the software incorrectly updates metadata list pointers while freeing non-head default metadata entries...

7.1CVSS5.9AI score0.00519EPSS
Exploits0References29
CBLMariner
CBLMariner
added 2026/05/23 3:30 p.m.12 views

CVE-2026-44673 affecting package libyang for versions less than 2.1.148-2

CVE-2026-44673 affecting package libyang for versions less than 2.1.148-2. A patched version of the package is available...

7.5CVSS5.8AI score0.00428EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/16 8:3 a.m.15 views

libyang: lyb_read_string() integer overflow → heap buffer overflow

...

7.5CVSS5.8AI score0.00428EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/16 1:11 a.m.11 views

SUSE CVE-2026-44673

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

8.6CVSS6AI score0.00428EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2026/05/15 6:53 p.m.26 views

CVE-2026-44673

A flaw was found in libyang, a YANG data modeling language library. An integer overflow in the lybreadstring function can lead to a heap buffer overflow when parsing a maliciously crafted LYB binary blob. A remote attacker, by supplying this malicious LYB data to any libyang consumer such as a...

7.5CVSS6.3AI score0.00428EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-44673

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffe...

7.5CVSS5.9AI score0.00428EPSS
Exploits0References3
OSV
OSV
added 2026/05/14 9:16 p.m.5 views

DEBIAN-CVE-2026-44673

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

7.5CVSS6AI score0.00428EPSS
Exploits0References1
NVD
NVD
added 2026/05/14 9:16 p.m.23 views

CVE-2026-44673

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

7.5CVSS0.00428EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/05/14 9:16 p.m.10 views

CVE-2026-44673

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

7.5CVSS6AI score0.00428EPSS
Exploits0References2
OSV
OSV
added 2026/05/14 9:16 p.m.13 views

UBUNTU-CVE-2026-44673

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

7.5CVSS6AI score0.00428EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/14 8:35 p.m.46 views

CVE-2026-44673 libyang: lyb_read_string() integer overflow → heap buffer overflow

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

7.5CVSS0.00428EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/14 8:35 p.m.10 views

CVE-2026-44673 libyang: lyb_read_string() integer overflow → heap buffer overflow

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

7.5CVSS6AI score0.00428EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/14 8:35 p.m.16 views

EUVD-2026-30484

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

7.5CVSS6AI score0.00428EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/14 8:35 p.m.6 views

CVE-2026-44673

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

7.5CVSS6AI score0.00428EPSS
Exploits0References2
CVE
CVE
added 2026/05/14 8:35 p.m.41 views

CVE-2026-44673

CVE-2026-44673 affects libyang. The issue is an integer overflow in lyb_read_string() in src/parser_lyb.c, leading to a heap buffer overflow when parsing malicious LYB binary blobs. Affected path includes any libyang consumer that processes LYB data (e.g., NETCONF servers, sysrepo). Impact is cra...

7.5CVSS6AI score0.00428EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/05/14 8:35 p.m.10 views

CVE-2026-44673

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

7.5CVSS6AI score0.00428EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.18 views

PT-2026-41121

Name of the Vulnerable Software and Affected Versions libyang versions prior to 5.2.15 Description The lyb read string function in src/parser lyb.c contains an integer overflow. This occurs when parsing a maliciously crafted LYB binary blob, leading to a heap buffer overflow. An attacker capable ...

7.5CVSS6.1AI score0.00428EPSS
Exploits0References40
SUSE CVE
SUSE CVE
added 2026/04/14 8:56 a.m.4 views

SUSE CVE-2019-20396

A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lysparsepath parsing...

6.5CVSS5.8AI score0.01914EPSS
Exploits1References2
Anthropic
Anthropic
added 2026/03/29 8:43 p.m.17 views

ANT-2026-TZQ1KH7E · libyang · Use-After-Free

use-after-free medium GHSA-9f49-8x56-jmjc Severity Claude medium · Security research firm medium · Maintainer unknown Discovered by Claude Mythos Preview REPORT Anthropic's analysis, sealed at approval. Disclosure to the maintainer was performed by Trail of Bits. ANT-2026-TZQ1KH7E: Heap...

6.2AI score
Exploits0
Rows per page
Query Builder