CVE-2026-46433

lldpd is an implementation of IEEE 802.1ab LLDP. Prior to version 1.0.22, lldpddecode in src/daemon/lldpd.c strips 802.1Q VLAN tags from received Ethernet frames by calling memmove to shift the frame payload 4 bytes left. The third argument byte count is s - 2 ETHERADDRLEN but should be s - 2...

CVE-2026-46433

CVE-2026-46433 affects lldpd (LLDP implementation). Prior to version 1.0.22, lldpd_decode() incorrectly shifts frame payload when removing 802.1Q VLAN tags, using a length calculation that causes a 4-byte heap OOB read if the frame size equals the interface MTU. This vulnerability is fixed in ver...

CVE-2026-34341

Double free in Windows Link-Layer Discovery Protocol LLDP allows an authorized attacker to elevate privileges locally...

EUVD-2026-29600

Double free in Windows Link-Layer Discovery Protocol LLDP allows an authorized attacker to elevate privileges locally...

CVE-2026-34341

Double free in Windows Link-Layer Discovery Protocol LLDP allows an authorized attacker to elevate privileges locally...

CVE-2026-34341 Windows Link-Layer Discovery Protocol (LLDP) Elevation of Privilege Vulnerability

...

CVE-2026-34341 Windows Link-Layer Discovery Protocol (LLDP) Elevation of Privilege Vulnerability

...

CVE-2026-34341

CVE-2026-34341 is a Windows LLDP (Link-Layer Discovery Protocol) vulnerability described as a double free in LLDP that allows an authenticated, local attacker to gain elevated privileges. The connected documents confirm the issue and impact (local privilege escalation) but do not provide concrete...

PT-2026-40160

Double free in Windows Link-Layer Discovery Protocol LLDP allows an authorized attacker to elevate privileges locally...

CVE-2026-22627

A buffer copy without checking size of input 'classic buffer overflow' vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an unauthenticated attacker within the same adjacent network to execute unauthorized code or commands on the device via sending a crafted LLDP packet...

EUVD-2026-10514

A buffer copy without checking size of input 'classic buffer overflow' vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an unauthenticated attacker within the same adjacent network to execute unauthorized code or commands on the device via sending a crafted LLDP packet...

CVE-2026-22627

A buffer copy without checking size of input 'classic buffer overflow' vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an unauthenticated attacker within the same adjacent network to execute unauthorized code or commands on the device via sending a crafted LLDP packet...

CVE-2026-22627

A buffer copy without checking size of input 'classic buffer overflow' vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an unauthenticated attacker within the same adjacent network to execute unauthorized code or commands on the device via sending a crafted LLDP packet...

CVE-2026-22627

A buffer copy without checking size of input 'classic buffer overflow' vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an unauthenticated attacker within the same adjacent network to execute unauthorized code or commands on the device via sending a crafted LLDP packet...

Fortinet FortiSwitchAXFixed 安全漏洞

The Fortinet FortiSwitchAXFixed is a network switch device developed by the American company Fortinet. There were security vulnerabilities in the Fortinet FortiSwitchAXFixed version 1.0.0 to 1.0.1. These vulnerabilities stemmed from unchecked buffer copying of input sizes, which could allow...

PT-2026-24240

Name of the Vulnerable Software and Affected Versions FortiSwitchAXFixed versions 1.0.0 through 1.0.1 Description A buffer copy issue exists where the size of the input is not checked, potentially allowing an unauthenticated attacker on the same network to execute code or commands on the device...

Moxa VPort Cameras Integer Underflow (CVE-2021-25846)

Improper validation of the ChassisID TLV in userdisk/vportlldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, allows attackers to cause a denial of service due to a negative number passed to the memcpy function via a crafted lldp packet. This plugin only works with Tenable.ot. Please visit...

Moxa VPort Cameras Out-of-bounds Read (CVE-2021-25847)

Improper validation of the length field of LLDP-MED TLV in userdisk/vportlldpd in Moxa Camera VPort 06EC-2V Series, version 1.1, allows information disclosure to attackers due to controllable loop counter variable via a crafted lldp packet. This plugin only works with Tenable.ot. Please visit...

CVE-2026-20010

A vulnerability in the Link Layer Discovery Protocol LLDP feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the LLDP process to restart, which could cause an affected device to reload unexpectedly. This vulnerability is due to improper handling of specific...

EUVD-2026-8664

A vulnerability in the Link Layer Discovery Protocol LLDP feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the LLDP process to restart, which could cause an affected device to reload unexpectedly. This vulnerability is due to improper handling of specific...