CVE-2026-5124 | osrg GoBGP up to 4.3.0 BGP Header pkg/packet/bgp/bgp.go BGPHeader.DecodeFromBytes access control (ID 3340)

Inserito da Angelo Barbosa | Mar 30, 2026 | CVE

A vulnerability marked as problematic has been reported in osrg GoBGP up to 4.3.0. Affected is the function BGPHeader.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component BGP Header Handler. The manipulation leads to improper access controls.

This vulnerability is referenced as CVE-2026-5124. Remote exploitation of the attack is possible. No exploit is available.

To fix this issue, it is recommended to deploy a patch.

CVE-2026-5124 | osrg GoBGP up to 4.3.0 BGP Header pkg/packet/bgp/bgp.go BGPHeader.DecodeFromBytes access control (ID 3340)

Post correlati

CVE-2026-27147 | GetSimple CMS up to 3.3.22 SVG File Parser cross site scripting (GHSA-5gmq-hrcx-6w45)

CVE-2024-40642 | netty-incubator-codec-ohttp up to 0.0.12 HTTP Protocol readRequestHead server-side request forgery (GHSA-q8f2-hxq5-cp4h)

CVE-2025-41393 | Ricoh Company Laser Printer/MFP Ricoh Web Image Monitor cross site scripting (ricoh-2025-000001)

CVE-2025-8071 | CloudVod Plugin up to 2.1.10 on WordPress audio cross site scripting