CVE-2026-7736

HIGH SEVERITY

CVSS Score & Metrics

Base Score

7.3 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L                                    

Vulnerability Description

A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing a manipulation can lead to integer underflow. It is possible to launch the attack remotely. Upgrading to version 4.4.0 addresses this issue. This patch is called 76d911046344a3923cbe573364197aa081944592. It is suggested to upgrade the affected component.

Vulnerability Details

Published Date

May 04, 2026

Last Modified

May 06, 2026

CWE ID

CWE-189

Source

NVD

Vendor

osrg

Product

gobgp

External References

https://github.com/osrg/gobgp/
https://github.com/osrg/gobgp/commit/76d911046344a3923cbe573364197aa081944592
https://github.com/osrg/gobgp/releases/tag/v4.4.0
https://vuldb.com/submit/807604
https://vuldb.com/vuln/360911
https://vuldb.com/vuln/360911/cti

CVE-2026-7736

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment