CVE-2026-37461

Published: May 4, 2026

Modified: May 5, 2026

PUBLISHED

Description

An out-of-bounds read in the ParseIP6Extended function (/bgp/bgp.go) of gobgp v4.3.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/osrg/gobgp/blob/v4.3.0/pkg/packet/bgp/bgp.go

https://github.com/osrg/gobgp/commit/362cce3e325f56e7a4f792ccb9689b3bdda9e682

https://github.com/osrg/gobgp/commit/9ce8936672ebc07df524da77fa4c6ae26d92be6d

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-37461

Description

Affected Products

References