EUVD-2026-22832
CVSS VectorNVD
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionNVD
Improper input validation, Improper verification of cryptographic signature vulnerability in XQUIC Project XQUIC xquic on Linux (QUIC protocol implementation, packet processing module, STREAM frame handler modules) allows Protocol Manipulation.This issue affects XQUIC: through 1.8.3.
AnalysisAI
XQUIC library through version 1.8.3 on Linux permits signature verification bypass and protocol manipulation via crafted QUIC STREAM frames, allowing network attackers to inject forged data into encrypted QUIC connections. Exploitation requires high complexity network interception but needs no authentication (CVSS:4.0 AV:N/AC:H/PR:N). …
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
Within 24 hours: Inventory all applications and infrastructure using XQUIC library and document current versions in use. Within 7 days: Contact application vendors for XQUIC dependency updates and evaluate GitHub commit 4764604a0e487eeb49338b4498aecda2194eae84 for patching feasibility; implement network segmentation to limit QUIC traffic exposure if immediate patching is not possible. …
Sign in for detailed remediation steps.
Share
External POC / Exploit Code
Leaving vuln.today