CVE-2026-13588 | seladb PcapPlusPlus 25.05 TLS Hello SSLHandshake.cpp getHandshakeVersion handshakeVersion heap-based overflow (Issue 2151)

Inserito da Angelo Barbosa | Giu 29, 2026 | CVE

A vulnerability was found in seladb PcapPlusPlus 25.05. It has been declared as critical. The impacted element is the function pcpp::SSLClientHelloMessage::getHandshakeVersion of the file Packet++/src/SSLHandshake.cpp of the component TLS Hello Handler. Executing a manipulation of the argument handshakeVersion can lead to heap-based buffer overflow.

This vulnerability is registered as CVE-2026-13588. It is possible to launch the attack remotely. Furthermore, an exploit is available.

It is best practice to apply a patch to resolve this issue.

CVE-2026-13588 | seladb PcapPlusPlus 25.05 TLS Hello SSLHandshake.cpp getHandshakeVersion handshakeVersion heap-based overflow (Issue 2151)

Post correlati

CVE-2024-42676 | Huizhi Enterprise Resource Management System up to 1.0 DNPageAjaxPostBack /nssys/common/Upload unrestricted upload

CVE-2023-47705 | IBM Security Guardium Key Lifecycle Manager 4.3 Username input validation (XFDB-271228)

CVE-2023-53145 | Linux Kernel up to 6.1.51 Bluetooth btsdio_remove use after free

CVE-2025-1616 | FiberHome AN5506-01A ONU GPON RP2511 Diagnosis Destination Address os command injection