915 matches found

EUVD
added 2026/05/26 12:56 p.m. | 5 views

EUVD-2026-31818

The VPN service may mishandle an unexpected IKE fragment value received on the IKE port (500/UDP) during the early stage of a connection attempt. This can cause the service to terminate unexpectedly, resulting in denial of service (temporary disruption of VPN-related functionality)...

CVSS 8.1 | AI score 5.8 | EPSS 0.00024
Exploits: 0 | References: 1
Cvelist
added 2026/05/26 12:56 p.m. | 34 views

CVE-2026-48131 VPND IKE Fragment Reassembly - Heap Out-of-Bounds Write via Sequence Number Zero

The VPN service may mishandle an unexpected IKE fragment value received on the IKE port (500/UDP) during the early stage of a connection attempt. This can cause the service to terminate unexpectedly, resulting in denial of service (temporary disruption of VPN-related functionality)...

CVSS 8.1 | EPSS 0.00024
Exploits: 0 | References: 1
Vulnrichment
added 2026/05/26 12:56 p.m. | 4 views

CVE-2026-48131 VPND IKE Fragment Reassembly - Heap Out-of-Bounds Write via Sequence Number Zero

The VPN service may mishandle an unexpected IKE fragment value received on the IKE port (500/UDP) during the early stage of a connection attempt. This can cause the service to terminate unexpectedly, resulting in denial of service (temporary disruption of VPN-related functionality)...

CVSS 8.1 | AI score 5.8 | EPSS 0.00024
Exploits: 0 | References: 1
AstraLinux
added 2026/05/20 5:53 a.m. | 4 views

Astra Linux - vulnerability in strongswan

StrongSwan before version 5.9.12 has a buffer overflow vulnerability, and there is a possibility of unauthenticated remote code execution through a DH public key value that exceeds the internal buffer of charon-tkm’s DH proxy. The earliest affected version is 5.3.0. An attack can occur through a...

CVSS 9.8 | AI score 8 | EPSS 0.05456
Exploits: 0 | References: 2
CheckPoint Security
added 2026/05/20 12:00 a.m. | 27 views

CVE-2026-48131 - VPND IKE Fragment Reassembly - Heap Out-of-Bounds Write via Sequence Number Zero

Symptoms - The VPN service may mishandle an unexpected IKE fragment value received on the IKE port (500/UDP) during the early stage of a connection attempt. This can cause the service to terminate unexpectedly, resulting in denial of service (temporary disruption of VPN-related functionality). - The...

CVSS 8.1 | AI score 5.8 | EPSS 0.00024
Exploits: 0
CheckPoint Security
added 2026/05/20 12:00 a.m. | 5 views

CVE-2026-48132 - VPN service may restart unexpectedly when processing IKE traffic over NAT-T (4500/UDP)

Symptoms - The Security Gateway does not correctly validate a length value in certain IKE packets when NAT-T is used (4500/UDP). As a result, a specially crafted or malformed packet can cause the VPN processing service to terminate unexpectedly, leading to denial of service (temporary interruption o...

CVSS 8.1 | AI score 5.8 | EPSS 0.00072
Exploits: 0
EUVD
added 2026/05/13 9:32 p.m. | 4 views

EUVD-2026-30105

A server-side request forgery (SSRF) vulnerability in the IKEv2 implementation of Palo Alto Networks PAN-OS® software allows an unauthenticated attacker to cause the firewall to send network requests to unintended destinations or cause a denial of service (DoS) condition. Panorama, Cloud NGFW and...

CVSS 8.3 | AI score 5.8 | EPSS 0.00065
Exploits: 0 | References: 2
RedhatCVE
added 2026/05/13 8:22 p.m. | 1 views

CVE-2026-35424

Missing release of memory after effective lifetime in Windows Internet Key Exchange (IKE) Protocol allows an unauthorized attacker to deny service over a network...

CVSS 7.5 | AI score 5.8 | EPSS 0.00105
Exploits: 0 | References: 1
EUVD
added 2026/05/13 6:30 p.m. | 4 views

EUVD-2026-30064

A buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS® software allows an unauthenticated network-based attacker to execute arbitrary code with elevated privileges on the firewall, or cause a denial of service (DoS) condition. Panorama, Cloud NGFW, and Prisma® Access...

CVSS 9.2 | AI score 6.4 | EPSS 0.00078
Exploits: 0 | References: 2
ATTACKERKB
added 2026/05/13 6:08 p.m. | 3 views

CVE-2026-0258

A server-side request forgery (SSRF) vulnerability in the IKEv2 implementation of Palo Alto Networks PAN-OS® software allows an unauthenticated attacker to cause the firewall to send network requests to unintended destinations or cause a denial of service (DoS) condition. Panorama, Cloud NGFW and...

AI score 5.8 | EPSS 0.00065
Exploits: 0 | References: 2 | Affected Software: 1
Positive Technologies
added 2026/05/12 12:00 a.m. | 4 views

PT-2026-40185

Missing release of memory after effective lifetime in Windows Internet Key Exchange (IKE) Protocol allows an unauthorized attacker to deny service over a network...

CVSS 7.5 | AI score 5.8 | EPSS 0.00105
Exploits: 0 | References: 2
Information Security Automation
added 2026/04/17 10:00 a.m. | 13 views

April Microsoft Patch Tuesday

April Microsoft Patch Tuesday. A total of 167 vulnerabilities, about twice as many as in March. There is one vulnerability already being exploited in the wild: 🔻 Spoofing - Microsoft SharePoint Server (CVE-2026-32201). ZDI experts say "Spoofing bugs in SharePoint often manifest as cross-site...

CVSS 9.8 | AI score 6.4 | EPSS 0.08924
Exploits: 9
RedhatCVE
added 2026/04/15 7:24 p.m. | 2 views

CVE-2026-33824

Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network...

CVSS 9.8 | AI score 5.9 | EPSS 0.00058
Exploits: 2 | References: 1
NVD
added 2026/04/14 6:17 p.m. | 0 views

CVE-2026-33824

Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network...

CVSS 9.8 | EPSS 0.00058
Exploits: 2 | References: 1
OSV
added 2026/04/14 8:35 a.m. | 1 views

CLSA-2025-1757947429 libreswan: Fix of CVE-2023-38711

CVE-2023-38711: fix a NULL pointer dereference in IKEv1 Quick Mode with ID_IPV4_ADDR/ID_IPV6_ADDR that causes a crash and restart of the pluto daemon when it receives an IDcr payload with ID_FQDN...

CVSS 6.5 | AI score 6.6 | EPSS 0.00107
Exploits: 0 | References: 1
CNNVD
added 2026/04/14 12:00 a.m. | 4 views

Microsoft Windows IKE Extension resource management error vulnerability

Microsoft Windows IKE Extension is a network key exchange extension developed by Microsoft Corporation. There is a resource management vulnerability in Microsoft Windows IKE Extension. Attackers can exploit this vulnerability to execute code. The following products and versions are affected:...

CVSS 9.8 | AI score 6.5 | EPSS 0.00058
Exploits: 2 | References: 1
Tenable Nessus
added 2026/04/14 12:00 a.m. | 7 views

KB5083769: Windows 11 Version 24H2 / Windows 11 Version 25H2 Security Update (April 2026)

The remote Windows host is missing security update 5083769. It is, therefore, affected by multiple vulnerabilities: - Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network. (CVE-2026-33824) - Protection mechanism failure in Windows Shell allows an...

CVSS 9.8 | AI score 7.4 | EPSS 0.56822
Exploits: 8 | References: 121
Tenable Nessus
added 2026/04/14 12:00 a.m. | 16 views

KB5082063: Windows Server 2025 Security Update (April 2026)

The remote Windows host is missing security update 5082063. It is, therefore, affected by multiple vulnerabilities: - Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network. (CVE-2026-33824) - Protection mechanism failure in Windows Shell allows an...

CVSS 9.8 | AI score 7.4 | EPSS 0.56822
Exploits: 10 | References: 127
Tenable Nessus
added 2026/04/14 12:00 a.m. | 3 views

KB5083768: Windows 11 Version 26H1 Security Update (April 2026)

The remote Windows host is missing security update 5083768. It is, therefore, affected by multiple vulnerabilities: - Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network. (CVE-2026-33824) - Protection mechanism failure in Windows Shell allows an...

CVSS 9.8 | AI score 7.4 | EPSS 0.56822
Exploits: 8 | References: 119
Tenable Nessus
added 2026/04/14 12:00 a.m. | 1 views

KB5082200: Windows 10 version 21H2 / Windows 10 Version 22H2 Security Update (April 2026)

The remote Windows host is missing security update 5082200. It is, therefore, affected by multiple vulnerabilities: - Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network. (CVE-2026-33824) - Protection mechanism failure in Windows Shell allows an...

CVSS 9.8 | AI score 7.4 | EPSS 0.56822
Exploits: 8 | References: 107