Skip to main content

Xquic

1 CVEs product

Monthly

CVE-2026-6328 HIGH This Week

XQUIC library through version 1.8.3 on Linux permits signature verification bypass and protocol manipulation via crafted QUIC STREAM frames, allowing network attackers to inject forged data into encrypted QUIC connections. Exploitation requires high complexity network interception but needs no authentication (CVSS:4.0 AV:N/AC:H/PR:N). No active exploitation confirmed (not in CISA KEV), but upstream fix available via GitHub commit 4764604a0e487eeb49338b4498aecda2194eae84. Affects applications usi

Information Disclosure Xquic
NVD GitHub VulDB
CVSS 4.0
8.3
EPSS
0.1%
EPSS 0% CVSS 8.3
HIGH This Week

XQUIC library through version 1.8.3 on Linux permits signature verification bypass and protocol manipulation via crafted QUIC STREAM frames, allowing network attackers to inject forged data into encrypted QUIC connections. Exploitation requires high complexity network interception but needs no authentication (CVSS:4.0 AV:N/AC:H/PR:N). No active exploitation confirmed (not in CISA KEV), but upstream fix available via GitHub commit 4764604a0e487eeb49338b4498aecda2194eae84. Affects applications usi

Information Disclosure Xquic
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy