
Libnfs

1 CVEs product


CVE-2026-53689 HIGH PATCH This Week

Heap memory corruption in libnfs through 6.0.2 allows a malicious NFS server to trigger an integer overflow in the client's XDR string deserializer when a victim connects to it. The flaw resides in libnfs_zdr_string in lib/libnfs-zdr.c, which failed to validate that an attacker-controlled string size fit within the remaining buffer. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Buffer Overflow Libnfs
NVD GitHub VulDB
CVSS 3.1: 7.1
EPSS: 0.1%
