CVE-2026-23991 | theupdateframework go-tuf up to 2.3.0 Repository/Mirror/Cache assertion (GHSA-846p-jg2w-w324)

Inserito da Angelo Barbosa | Gen 22, 2026 | CVE

A vulnerability classified as critical was found in theupdateframework go-tuf up to 2.3.0. Affected is an unknown function of the component Repository/Mirror/Cache. Executing a manipulation can lead to reachable assertion.

This vulnerability is handled as CVE-2026-23991. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is advised.

CVE-2026-23991 | theupdateframework go-tuf up to 2.3.0 Repository/Mirror/Cache assertion (GHSA-846p-jg2w-w324)

Post correlati

CVE-2024-47571 | Fortinet FortiManager up to 6.4.12/7.0.8/7.2.3/7.4.0 operation after expiration (FG-IR-24-239)

CVE-2025-15217 | Tenda AC23 16.03.07.52 HTTP POST Request formSetPPTPUserList list buffer overflow

CVE-2024-42019 | Veeam ONE up to 12.1.0.3208 Reporter Service Privilege Escalation (kb4649)

CVE-2025-5683 | Qt up to 6.2.x/6.5.9/6.8.4/6.9.0 ICNS Image File denial of service