SUSE CVE-2026-34183

Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATHCHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QU...

CVE-2026-50009 Netty QUIC stateless reset token material exposed through header-visible connection IDs

Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, Netty QUIC exposes the stateless reset token on the network path when using the default HMAC-based connection-ID and stateless-reset-token generators. The reset token for the...

PT-2026-48901

Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, Netty QUIC exposes the stateless reset token on the network path when using the default HMAC-based connection-ID and stateless-reset-token generators. The reset token for the...

openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler

A flaw was found in OpenSSL's QUIC PATHCHALLENGE handler. A remote attacker can exploit this vulnerability by flooding a QUIC client or server with specially crafted PATHCHALLENGE frames. This leads to unbounded memory allocation within the local QUIC stack, as the system continuously allocates...

CVE-2026-34183

A flaw was found in OpenSSL's QUIC PATHCHALLENGE handler. A remote attacker can exploit this vulnerability by flooding a QUIC client or server with specially crafted PATHCHALLENGE frames. This leads to unbounded memory allocation within the local QUIC stack, as the system continuously allocates...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the QUIC stack, when flooded with PATHCHALLENGE frames. A malicious remote peer can exhaust heap memory and terminate a QUIC client or server. Remediation A fix was pushed into the...

EUVD-2026-35481

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

EUVD-2026-35479

Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATHCHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QU...

CVE-2026-34183

Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATHCHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QU...

CVE-2026-34183 Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler

Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATHCHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QU...

UBUNTU-CVE-2026-34183

Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATHCHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QU...

UBUNTU-CVE-2026-42764

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

PT-2026-47834

Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified Description A NULL pointer dereference occurs in the OpenSSL QUIC server when receiving a QUIC initial packet containing an invalid or expired token. This issue is triggered specifically when address...

GHSA-CMM3-54F8-PX4J Netty's Default QUIC token handler accepts any client-supplied token

NoQuicTokenHandler is the tokenHandler used when the application does not set one. Its writeToken returns false server will not send Retry — acceptable, but validateToken unconditionally return 0. In QuicheQuicServerCodec.handlePacket, a non-negative return from validateToken is interpreted as...

DEBIAN-CVE-2026-40898

quic-go is an implementation of the QUIC protocol in Go. Prior to version 0.59.1, an attacker can cause excessive memory allocation in quic-go's HTTP/3 client and server implementations by sending a QPACK-encoded HEADERS frame that decodes into a large trailer field section with many unique field...

EUVD-2026-34312

quic-go is an implementation of the QUIC protocol in Go. Prior to version 0.59.1, an attacker can cause excessive memory allocation in quic-go's HTTP/3 client and server implementations by sending a QPACK-encoded HEADERS frame that decodes into a large trailer field section with many unique field...

ngtcp2: ngtcp2: Denial of service via stack buffer overflow during QUIC handshake

A flaw was found in ngtcp2, a C implementation of the IETF QUIC Quick UDP Internet Connections protocol. A remote attacker can exploit a stack buffer overflow vulnerability by sending specially crafted, large transport parameters during the QUIC handshake. This occurs when the qlog callback is...

OPENSUSE-SU-2026:20865-1 Security update for python-uv

This update for python-uv fixes the following issues: - CVE-2026-31812: quinn-proto: denial of service via crafted QUIC initial packet bsc1259624. - CVE-2026-32766: astral-tokio-tar: malformed PAX extensions can lead to archive misinterpretation bsc1259966...

CVE-2026-44640 NanoMQ: QUIC Dialer Close Type Confusion

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to 0.24.14, aio-provdata is stored as nniquicconn during dialing, but read as exquicconn during dialer close. This type confusion causes invalid object interpretation and leads to close-path hang/crash behavior. This...

Important: nginx

Issue Overview: When NGINX Plus or NGINX Open Source are configured to use the HTTP/3 QUIC module, an attacker may be able to spoof their source IP address allowing for bypass of authorization or bypass of rate limiting. Note: Software versions which have reached End of Technical Support EoTS are...