CVE-2026-44600

A flaw was found in Tor. This vulnerability occurs due to mishandling of the conflux out-of-order queue accounting during queue clearing. A remote attacker with high attack complexity could exploit this flaw, leading to a denial of service...

CVE-2026-44599

A flaw was found in Tor. This vulnerability allows a remote attacker to manipulate directory information by attempting or accepting specific BEGINDIR messages through an internal mechanism known as conflux legs. This could result in a low integrity impact, where the accuracy or trustworthiness of...

SUSE CVE-2026-44597

Tor before 0.4.9.7 has an out-of-bounds read when an END, a TRUNCATE, or a TRUNCATED cell lacks a reason in its payload, aka TROVE-2026-011...

SUSE CVE-2026-44599

Tor before 0.4.9.7 can attempt or accept BEGINDIR via conflux legs, aka TROVE-2026-008...

SUSE CVE-2026-44600

Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...

SUSE CVE-2026-44602

Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TROVE-2026-006...

CVE-2026-44601

A flaw was found in Tor. When the system experiences circuit queue memory pressure, a remote attacker could potentially trigger a double close of a circuit, leading to a client crash. This vulnerability can result in a Denial of Service DoS for affected Tor clients...

CVE-2026-44602

A flaw was found in Tor. A remote attacker could exploit this vulnerability by sending a specially crafted CERT cell out of order, leading to a NULL pointer dereference. This issue can cause a denial of service DoS, making the Tor service unavailable to legitimate users...

CVE-2026-44601

Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROVE-2026-009...

CVE-2026-44603

Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007...

CVE-2026-44603

Summary (CVE-2026-44603) Tor before 0.4.9.7 contains an out-of-bounds read by one byte triggered by a malformed BEGIN cell (TROVE-2026-007). Red Hat describes it as a remote-a exploitable flaw that can cause a low-impact Denial of Service, potentially making the service unavailable to legitimate ...

CVE-2026-44603

Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007...

CVE-2026-44603

Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007...

CVE-2026-44603

Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007...

CVE-2026-44602

Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TROVE-2026-006...

CVE-2026-44602

Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TROVE-2026-006...

DEBIAN-CVE-2026-44600

Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...

CVE-2026-44599

Tor before 0.4.9.7 can attempt or accept BEGINDIR via conflux legs, aka TROVE-2026-008...

CVE-2026-44601

Tor could crash a client when facing circuit queue memory pressure due to a double close of a circuit (TROVE-2026-009). Affected software: Tor prior to version 0.4.9.7. Root cause: circuit handling under memory pressure allows a double close, causing a denial of service on affected clients. Impac...

CVE-2026-44601

Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROVE-2026-009...