CVE-2026-22024: CWE-401: Missing Release of Memory after Effective Lifetime in nasa CryptoLib
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, the cryptography_encrypt() function allocates multiple buffers for HTTP requests and JSON parsing that are never freed on any code path. Each call leaks approximately 400 bytes of memory. Sustained traffic can gradually exhaust available memory. This issue has been patched in version 1.4.3.
AI Analysis
Technical Summary
CVE-2026-22024 is a memory leak (CWE-401) in NASA's CryptoLib, a software-only implementation of the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) that secures the link between a spacecraft running the core Flight System (cFS) and a ground station. Before version 1.4.3, cryptography_encrypt() allocates several buffers for an HTTP request and for JSON parsing and frees none of them on any path, success included, so the leak is not confined to error handling and cannot be avoided by well-formed input. Each call loses roughly 400 bytes, which is about 2,600 calls per MiB; a steady stream of frames through the encrypting path therefore grows the process footprint linearly until allocation fails or the host starts swapping. The failure mode is loss of availability, not disclosure or tampering. The CVSS 4.0 vector (score 6.3, medium) rates the flaw as network-reachable with low complexity, no privileges and no user interaction; the practical precondition is that an attacker, or simply sustained legitimate traffic, can drive repeated calls into cryptography_encrypt(). No exploitation in the wild has been reported. The issue is fixed in CryptoLib 1.4.3. Exposure is limited to deployments built against an affected version, which in practice means aerospace and space-communication environments.
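As an added illustration (not CryptoLib's code, and not a claim about how its cryptography_encrypt() is written internally), the following C program reconstructs the allocation shape the advisory describes, buffers for an HTTP request and a JSON reply that no return path frees, beside the single-exit cleanup that fixes it. The crypto-service call, the JSON lookup, the XOR "cipher", the 512-byte request limit and the buffer sizes are constructed stand-ins; the counting allocator exists only so the program can measure what stays allocated.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Added example, not CryptoLib source: a minimal reconstruction of the CWE-401 shape the advisory
 * describes (buffers for an HTTP request and a JSON reply, never freed) next to the single-exit
 * cleanup that fixes it. The crypto-service call, the JSON lookup and the XOR "cipher" are
 * constructed stand-ins; the counting allocator exists only so the leak can be measured. */
static long g_live = 0;                                /* outstanding tracked allocations */
static void *xmalloc(size_t n) { void *p = malloc(n); if (p) g_live++; return p; }
static void  xfree(void *p)    { if (p) { g_live--; free(p); } }

static const char HEX[] = "0123456789abcdef";
static void hex_enc(const uint8_t *in, size_t n, char *out) {
    for (size_t i = 0; i < n; i++) { out[2*i] = HEX[in[i] >> 4]; out[2*i+1] = HEX[in[i] & 15]; }
    out[2*n] = '\0';
}
static int hex_val(char c) { const char *p = c ? strchr(HEX, c) : NULL; return p ? (int)(p - HEX) : -1; }

/* Stand-in crypto service: XORs the hex plaintext in the request body with 0x5A and replies
 * {"ciphertext":"<hex>"}. Rejects bodies over 512 bytes, the way an HTTP 413 would. */
static int fake_http_post(const char *body, char *resp, size_t resp_len) {
    const char *p = strstr(body, "\"plaintext\":\"");
    if (!p || strlen(body) > 512) return -1;
    p += strlen("\"plaintext\":\"");
    size_t off = (size_t)snprintf(resp, resp_len, "{\"ciphertext\":\"");
    for (; p[0] && p[0] != '"' && p[1] && p[1] != '"'; p += 2) {
        int hi = hex_val(p[0]), lo = hex_val(p[1]);
        if (hi < 0 || lo < 0 || off + 2 >= resp_len) return -1;
        uint8_t c = (uint8_t)(((hi << 4) | lo) ^ 0x5A);
        resp[off++] = HEX[c >> 4]; resp[off++] = HEX[c & 15];
    }
    if (off + 3 > resp_len) return -1;
    memcpy(resp + off, "\"}", 3);
    return 0;
}
/* Stand-in JSON string-field lookup: copies the value of "key" into out. */
static int fake_json_string(const char *json, const char *key, char *out, size_t out_len) {
    char pat[64];
    snprintf(pat, sizeof pat, "\"%s\":\"", key);
    const char *s = strstr(json, pat), *e = s ? strchr(s + strlen(pat), '"') : NULL;
    if (!e) return -1;
    s += strlen(pat);
    if ((size_t)(e - s) >= out_len) return -1;
    memcpy(out, s, (size_t)(e - s)); out[e - s] = '\0';
    return 0;
}
/* The bug: three heap buffers, four returns, zero frees. The success path leaks as well. */
int32_t encrypt_leaky(const uint8_t *pt, size_t pt_len, uint8_t *ct, size_t *ct_len) {
    size_t buf_len = 2 * pt_len + 64;
    char *body = xmalloc(buf_len), *resp = xmalloc(buf_len), *hex = xmalloc(2 * pt_len + 1);
    if (!body || !resp || !hex) return -1;                           /* leaks whatever succeeded */
    hex_enc(pt, pt_len, hex);
    snprintf(body, buf_len, "{\"plaintext\":\"%s\"}", hex);
    if (fake_http_post(body, resp, buf_len) != 0) return -2;         /* leaks all three */
    if (fake_json_string(resp, "ciphertext", hex, 2 * pt_len + 1) != 0) return -3;
    for (size_t i = 0; i < pt_len; i++) ct[i] = (uint8_t)((hex_val(hex[2*i]) << 4) | hex_val(hex[2*i+1]));
    *ct_len = pt_len;
    return 0;
}
/* The fix shape: pointers start NULL, one exit, cleanup frees on every path (xfree(NULL) is a no-op). */
int32_t encrypt_fixed(const uint8_t *pt, size_t pt_len, uint8_t *ct, size_t *ct_len) {
    int32_t status = -1;
    size_t buf_len = 2 * pt_len + 64;
    char *body = NULL, *resp = NULL, *hex = NULL;
    if (!(body = xmalloc(buf_len)) || !(resp = xmalloc(buf_len)) || !(hex = xmalloc(2 * pt_len + 1))) goto cleanup;
    hex_enc(pt, pt_len, hex);
    snprintf(body, buf_len, "{\"plaintext\":\"%s\"}", hex);
    if (fake_http_post(body, resp, buf_len) != 0) { status = -2; goto cleanup; }
    if (fake_json_string(resp, "ciphertext", hex, 2 * pt_len + 1) != 0) { status = -3; goto cleanup; }
    for (size_t i = 0; i < pt_len; i++) ct[i] = (uint8_t)((hex_val(hex[2*i]) << 4) | hex_val(hex[2*i+1]));
    *ct_len = pt_len;
    status = 0;
cleanup:
    xfree(hex); xfree(resp); xfree(body);
    return status;
}
/* Runs n calls on a constructed pt_len-byte frame; returns how many buffers are still outstanding. */
long leak_after(int32_t (*fn)(const uint8_t *, size_t, uint8_t *, size_t *), size_t pt_len, int n) {
    uint8_t pt[512], ct[512]; size_t ct_len = 0; long before = g_live;
    for (size_t i = 0; i < pt_len; i++) pt[i] = (uint8_t)i;
    for (int i = 0; i < n; i++) fn(pt, pt_len, ct, &ct_len);
    return g_live - before;
}
/* Confirms the fixed path still yields the stand-in service's ciphertext (pt XOR 0x5A). */
int roundtrip_ok(void) {
    uint8_t pt[16], ct[16]; size_t n = 0;
    for (int i = 0; i < 16; i++) pt[i] = (uint8_t)(i * 7);
    if (encrypt_fixed(pt, 16, ct, &n) != 0 || n != 16) return 0;
    for (int i = 0; i < 16; i++) if (ct[i] != (uint8_t)(pt[i] ^ 0x5A)) return 0;
    return 1;
}
int main(void) {
    printf("leaky, 1000 x 16-byte frames  : %ld buffers never freed\n", leak_after(encrypt_leaky, 16, 1000));
    printf("fixed, 1000 x 16-byte frames  : %ld buffers never freed\n", leak_after(encrypt_fixed, 16, 1000));
    printf("fixed, 1000 x rejected frames : %ld buffers never freed\n", leak_after(encrypt_fixed, 300, 1000));
    return 0;
}
```

The leaky variant loses three buffers per call whether the service accepts the request or rejects it, which is the property the advisory stresses: there is no input that avoids the leak. Building the same file with `cc -g -fsanitize=address leak.c` makes LeakSanitizer report each leaked block with the allocating stack at exit, which is the quickest way to confirm that a patched build of the real library no longer leaks under repeated encrypt calls.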
Potential Impact
For European organizations in aerospace, satellite communications, space research or defense that build ground or flight software against NASA's CryptoLib, the consequence is gradual memory exhaustion of the process hosting the library. Depending on how that process is supervised, the outcome is a slowdown, a crash, a restart loop, or a denial of service on the spacecraft-to-ground link. The vulnerability does not affect the confidentiality or integrity of the protected frames; its impact is availability, which on a command and telemetry path still translates into missed passes, delayed commanding and operational risk. The leak accumulates whether or not the traffic is hostile, so long-duration, high-rate links are exposed even without an attacker. The absence of public exploits lowers the likelihood of a targeted attack, not the likelihood of an outage.
Mitigation Recommendations
Upgrade every deployment to CryptoLib 1.4.3 or later; that is the only complete fix. Until that is done, treat the affected process as one that will grow: monitor its resident set size over time and alert on a sustained upward trend rather than only on an absolute threshold, since a threshold alarm fires shortly before exhaustion while a trend alarm gives hours of warning. Run the process under a memory ceiling (a cgroup or ulimit, for example) and under a supervisor that restarts it, so that exhaustion ends in a contained, logged restart instead of host-wide swapping, and schedule a restart in a quiet window if the measured leak rate shows the ceiling would otherwise be reached mid-pass. Rate-limiting calls to cryptography_encrypt() reduces the leak only by reducing link throughput, so it is rarely an acceptable stopgap on an operational link; network isolation of the affected component limits who can drive traffic into it but does nothing about the leak caused by legitimate traffic. When validating the patched build, run the existing test suite under a leak detector such as Valgrind or AddressSanitizer's LeakSanitizer and confirm that repeated encrypt calls leave the heap flat, then soak-test in a representative environment before deployment. Keep following NASA's CryptoLib advisories for any follow-up fixes.
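The trend-based alarm recommended above, as an added example that is not part of the advisory or of CryptoLib: the program fits a least-squares slope to resident-set samples and raises an alarm only when the fitted growth is sustained and the memory ceiling is projected to be reached within a horizon. The sample series are constructed; the leaking one assumes about 50 frames per second through cryptography_encrypt() at roughly 400 bytes each (about 20 kB/s) on an 80 MB baseline, and the steady one has the same baseline and jitter with no growth. How the samples are collected (for example reading /proc/<pid>/statm from a periodic job) is left to the deployment.

```c
#include <stddef.h>
#include <stdio.h>
/* Added example, not CryptoLib or vendor code: a trend-based memory alarm for a process that
 * hosts an affected CryptoLib build. Inputs are parallel arrays of (seconds, RSS bytes). */

/* Least-squares slope of RSS against time, in bytes per second. */
double rss_slope(const double *t, const double *rss, size_t n) {
    double st = 0, sr = 0, stt = 0, str = 0;
    for (size_t i = 0; i < n; i++) { st += t[i]; sr += rss[i]; stt += t[i] * t[i]; str += t[i] * rss[i]; }
    double den = (double)n * stt - st * st;
    return den == 0 ? 0 : ((double)n * str - st * sr) / den;
}
/* Projected seconds until RSS reaches limit at the fitted trend; -1 if the process is not growing. */
double seconds_to_limit(const double *t, const double *rss, size_t n, double limit) {
    double slope = rss_slope(t, rss, n);
    if (slope <= 0) return -1;
    return (limit - rss[n - 1]) / slope;
}
/* Alarm only when growth exceeds min_slope AND the limit is projected within horizon_s; requiring
 * both keeps jitter around a flat baseline from paging anyone while still catching a slow leak early. */
int leak_alarm(const double *t, const double *rss, size_t n, double limit, double horizon_s, double min_slope) {
    if (n < 2) return 0;
    double eta = seconds_to_limit(t, rss, n, limit);
    return rss_slope(t, rss, n) >= min_slope && eta >= 0 && eta <= horizon_s;
}

/* Constructed samples: ten readings one minute apart. LEAKING grows 20 kB/s on an 80 MB baseline
 * with +/-4 KiB jitter; STEADY is the same baseline and jitter without growth. */
#define NSAMPLES 10
static const double T[NSAMPLES] = {0, 60, 120, 180, 240, 300, 360, 420, 480, 540};
static const double LEAKING[NSAMPLES] = {80004096, 81195904, 82404096, 83595904, 84804096,
                                         85995904, 87204096, 88395904, 89604096, 90795904};
static const double STEADY[NSAMPLES]  = {80004096, 79995904, 80004096, 79995904, 80004096,
                                         79995904, 80004096, 79995904, 80004096, 79995904};

int main(void) {
    const double limit = 268435456.0;        /* assumed 256 MiB cgroup ceiling */
    const double horizon = 86400.0, min_slope = 1024.0;
    printf("leaking: slope %.0f B/s, limit in %.0f s, alarm=%d\n", rss_slope(T, LEAKING, NSAMPLES),
           seconds_to_limit(T, LEAKING, NSAMPLES, limit), leak_alarm(T, LEAKING, NSAMPLES, limit, horizon, min_slope));
    printf("steady : slope %.0f B/s, alarm=%d\n", rss_slope(T, STEADY, NSAMPLES),
           leak_alarm(T, STEADY, NSAMPLES, limit, horizon, min_slope));
    return 0;
}
```

At the assumed rate the leaking process is about 90 MB after nine minutes and the 256 MiB ceiling is roughly two and a half hours away, so the alarm fires long before an absolute-threshold check at, say, 90 percent of the ceiling would; the steady series produces a near-zero slope and no alarm. Feed the same functions a rolling window of real samples and tune min_slope to the noise floor observed on a patched build.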
Affected Countries
France, Germany, United Kingdom, Italy, Spain, Netherlands, Belgium, Sweden
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-01-05T22:30:38.718Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 6961a1f6ed32c7f018d59be9
Added to database: 1/10/2026, 12:48:54 AM
Last enriched: 1/17/2026, 7:43:02 AM
Last updated: 2/7/2026, 7:24:43 PM