2 matches found
CVE-2026-26311 Envoy HTTP: filter chain execution on reset streams causing UAF crash
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, a logic vulnerability in Envoy's HTTP connection manager FilterManager that allows for Zombie Stream Filter Execution. This issue creates a "Use-After-Free" UAF or state-corruption window where...
CVE-2026-26311
creationtimestamp| type| source ---|---|--- 2026-03-10 16:05:37+00:00| published-proof-of-concept| https://github.com/envoyproxy/envoy/security/advisories/GHSA-84xm-r438-86px...