Lucene search
K

764 matches found

RedhatCVE
RedhatCVE
added 5 days ago6 views

CVE-2026-58374

A flaw was found in hostapd. An unauthenticated attacker within wireless range can send a specially crafted management frame during Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing. This crafted frame, containing a malformed Multi-Link Element or Per-STA Profile...

7.1CVSS6AI score0.00282EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/07/01 3:14 a.m.5 views

SUSE CVE-2026-58374

In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile...

7.1CVSS6AI score0.00282EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-58374

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticate...

7.1CVSS6.1AI score0.00282EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 1:19 p.m.13 views

CVE-2026-58374

In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile...

7.1CVSS0.00282EPSS
Exploits0References5
OSV
OSV
added 2026/06/30 1:19 p.m.3 views

UBUNTU-CVE-2026-58374

In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile...

7.1CVSS5.8AI score0.00282EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/30 12:35 p.m.8 views

EUVD-2026-40306

In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile...

6.5CVSS5.8AI score0.00282EPSS
Exploits0References5
CVE
CVE
added 2026/06/30 12:35 p.m.30 views

CVE-2026-58374

CVE-2026-58374 describes a bounds-check vulnerability in hostapd (before 2.12) where an MLO association request can cause an out-of-bounds write due to parsing a link_id value of 15, while the storage only supports IDs 0–14. This unauthenticated, range-limited attacker could trigger a denial of s...

7.1CVSS5.8AI score0.00282EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/06/30 12:35 p.m.33 views

CVE-2026-58374

In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile...

6.5CVSS0.00282EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/06/30 12:35 p.m.6 views

CVE-2026-58374

In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile...

7.1CVSS5.8AI score0.00282EPSS
Exploits0
OSV
OSV
added 2026/06/30 12:35 p.m.3 views

CVE-2026-58374

In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile...

6.5CVSS6AI score0.00282EPSS
Exploits0References7
AlpineLinux
AlpineLinux
added 2026/06/30 12:35 p.m.6 views

CVE-2026-58374

In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile...

7.1CVSS5.7AI score0.00282EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-53877

Name of the Vulnerable Software and Affected Versions hostapd versions 2.11 through 2.11 Description A missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted managemen...

7.1CVSS5.9AI score0.00282EPSS
Exploits0References17
OSV
OSV
added 2026/06/26 8:17 p.m.4 views

DEBIAN-CVE-2026-53317

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References1
OSV
OSV
added 2026/06/26 8:17 p.m.3 views

UBUNTU-CVE-2026-53317

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/06/26 7:41 p.m.7 views

CVE-2026-53317

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...

5.5CVSS5.8AI score0.00114EPSS
Exploits0
EUVD
EUVD
added 2026/06/26 7:41 p.m.7 views

EUVD-2026-39852

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...

5.8AI score0.00114EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.12 views

PT-2026-52956

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A firmware crash occurs in the mt7921 wifi driver when a station is configured with an Association Identifier AID greater than 20. This issue specifically affects IFTYPE AP interfaces an...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References18
OSV
OSV
added 2026/06/15 1:55 p.m.2 views

OPENSUSE-SU-2026:20985-1 Security update for hostapd

This update for hostapd fixes the following issues: Changes in hostapd: - bsc1268083 - hostapd segmentation fault during fast restart cycles. - CVE-2025-24912: hostapd fails to process crafted RADIUS packets properly bsc1239461...

3.7CVSS5.8AI score0.00716EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in wpa

There exists a exploitable denial-of-service vulnerability in hostapd 2.6. An attacker could trigger the AP to send IAPP location updates for stations, even before the required authentication process is completed. This could lead to various denial-of-service scenarios, either by causing CAM table...

7.4CVSS6.9AI score0.0092EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability in wpa

In Hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association. An attacker who has successfully bootstrapped public keys with another entity using PKEX in the past will be able to subvert future bootstrapping attempts by passively observing the public keys. By...

6.5CVSS6.8AI score0.00353EPSS
Exploits0References2
Rows per page
Query Builder