Skip to main content

Src

1 CVEs product

Monthly

CVE-2026-56099 MEDIUM POC PATCH This Month

Kernel stack memory disclosure in OpenBSD's MPLS input processing exposes arbitrary kernel stack contents to unauthenticated remote attackers via crafted MPLS frames. The flaw exists in `mpls_do_error` within `sys/netmpls/mpls_input.c` (revision 1.81), where a label-stack iterator lacked an upper-bounds guard, allowing a 16-label frame with no Bottom-of-Stack bit to drive an out-of-bounds read. A publicly available exploit exists per the Argus Systems advisory; this vulnerability is not confirmed as actively exploited in the CISA KEV catalog, and the CVSS 4.0 score is 6.9.

Information Disclosure Buffer Overflow Src
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.4%
EPSS 0% CVSS 6.9
MEDIUM POC PATCH This Month

Kernel stack memory disclosure in OpenBSD's MPLS input processing exposes arbitrary kernel stack contents to unauthenticated remote attackers via crafted MPLS frames. The flaw exists in `mpls_do_error` within `sys/netmpls/mpls_input.c` (revision 1.81), where a label-stack iterator lacked an upper-bounds guard, allowing a 16-label frame with no Bottom-of-Stack bit to drive an out-of-bounds read. A publicly available exploit exists per the Argus Systems advisory; this vulnerability is not confirmed as actively exploited in the CISA KEV catalog, and the CVSS 4.0 score is 6.9.

Information Disclosure Buffer Overflow Src
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy