Lucene search
K

441 matches found

Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.16 views

PT-2026-43252

Name of the Vulnerable Software and Affected Versions libyang versions prior to 5.2.6 Description A heap use-after-free write occurs in the lyd parser set data flags function. This happens when the software incorrectly updates metadata list pointers while freeing non-head default metadata entries...

7.1CVSS5.9AI score0.00519EPSS
Exploits0References29
CBLMariner
CBLMariner
added 2026/05/23 3:30 p.m.10 views

CVE-2026-44673 affecting package libyang for versions less than 2.1.148-2

CVE-2026-44673 affecting package libyang for versions less than 2.1.148-2. A patched version of the package is available...

7.5CVSS5.8AI score0.00428EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/16 8:3 a.m.14 views

libyang: lyb_read_string() integer overflow → heap buffer overflow

...

7.5CVSS5.8AI score0.00428EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/16 1:11 a.m.11 views

SUSE CVE-2026-44673

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

8.6CVSS6AI score0.00428EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2026/05/15 6:53 p.m.17 views

CVE-2026-44673

A flaw was found in libyang, a YANG data modeling language library. An integer overflow in the lybreadstring function can lead to a heap buffer overflow when parsing a maliciously crafted LYB binary blob. A remote attacker, by supplying this malicious LYB data to any libyang consumer such as a...

7.5CVSS6.3AI score0.00428EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-44673

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffe...

7.5CVSS5.9AI score0.00428EPSS
Exploits0References3
OSV
OSV
added 2026/05/14 9:16 p.m.5 views

DEBIAN-CVE-2026-44673

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

7.5CVSS6AI score0.00428EPSS
Exploits0References1
NVD
NVD
added 2026/05/14 9:16 p.m.23 views

CVE-2026-44673

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

7.5CVSS0.00428EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/05/14 9:16 p.m.10 views

CVE-2026-44673

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

7.5CVSS6AI score0.00428EPSS
Exploits0References2
OSV
OSV
added 2026/05/14 9:16 p.m.12 views

UBUNTU-CVE-2026-44673

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

7.5CVSS6AI score0.00428EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/14 8:35 p.m.6 views

CVE-2026-44673

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

7.5CVSS6AI score0.00428EPSS
Exploits0References2
CVE
CVE
added 2026/05/14 8:35 p.m.39 views

CVE-2026-44673

CVE-2026-44673 affects libyang. The issue is an integer overflow in lyb_read_string() in src/parser_lyb.c, leading to a heap buffer overflow when parsing malicious LYB binary blobs. Affected path includes any libyang consumer that processes LYB data (e.g., NETCONF servers, sysrepo). Impact is cra...

7.5CVSS6AI score0.00428EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/05/14 8:35 p.m.45 views

CVE-2026-44673 libyang: lyb_read_string() integer overflow → heap buffer overflow

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

7.5CVSS0.00428EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/14 8:35 p.m.15 views

EUVD-2026-30484

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

7.5CVSS6AI score0.00428EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/05/14 8:35 p.m.10 views

CVE-2026-44673

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

7.5CVSS6AI score0.00428EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/14 8:35 p.m.10 views

CVE-2026-44673 libyang: lyb_read_string() integer overflow → heap buffer overflow

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lybreadstring in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

7.5CVSS6AI score0.00428EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.15 views

PT-2026-41121

Name of the Vulnerable Software and Affected Versions libyang versions prior to 5.2.15 Description The lyb read string function in src/parser lyb.c contains an integer overflow. This occurs when parsing a maliciously crafted LYB binary blob, leading to a heap buffer overflow. An attacker capable ...

7.5CVSS6.1AI score0.00428EPSS
Exploits0References40
SUSE CVE
SUSE CVE
added 2026/04/14 8:56 a.m.3 views

SUSE CVE-2019-20396

A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lysparsepath parsing...

6.5CVSS5.8AI score0.01914EPSS
Exploits1References2
Anthropic
Anthropic
added 2026/03/29 8:43 p.m.15 views

ANT-2026-TZQ1KH7E · libyang · Use-After-Free

use-after-free medium GHSA-9f49-8x56-jmjc Severity Claude medium · Security research firm medium · Maintainer unknown Discovered by Claude Mythos Preview REPORT Anthropic's analysis, sealed at approval. Disclosure to the maintainer was performed by Trail of Bits. ANT-2026-TZQ1KH7E: Heap...

6.2AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2021-15557

Malware in sbrugna...

7.5CVSS7.4AI score0.01407EPSS
Exploits1References4
Rows per page
Query Builder