CVE-2026-8836 | lwIP up to 2.2.1 snmpv3 USM src/apps/snmp/snmp_msg.c snmp_parse_inbound_frame msgAuthenticationParameters stack-based overflow (Bug 68194)

Inserito da Angelo Barbosa | Mag 18, 2026 | CVE

A vulnerability marked as critical has been reported in lwIP up to 2.2.1. Affected is the function snmp_parse_inbound_frame of the file src/apps/snmp/snmp_msg.c of the component snmpv3 USM Handler. Performing a manipulation of the argument msgAuthenticationParameters results in stack-based buffer overflow.

This vulnerability was named CVE-2026-8836. The attack may be initiated remotely. There is no available exploit.

It is suggested to install a patch to address this issue.

CVE-2026-8836 | lwIP up to 2.2.1 snmpv3 USM src/apps/snmp/snmp_msg.c snmp_parse_inbound_frame msgAuthenticationParameters stack-based overflow (Bug 68194)

Post correlati

CVE-2024-5942 | Page and Post Clone Plugin up to 6.0 on WordPress resource injection

CVE-2024-43044 | Jenkins prior LTS 2.452.3/2.470 Agent Process ClassLoaderProxy#fetchJar information disclosure

CVE-2024-47066 | lobehub lobe-chat up to 1.19.12 route.ts server-side request forgery

CVE-2024-37350 | Absolute Secure Access up to 13.05 Policy Management UI cross site scripting