CVE-2026-44673: CWE-190: Integer Overflow or Wraparound in CESNET libyang
libyang is a YANG data modeling language library. Prior to SO 5.2.15, lyb_read_string() in src/parser_lyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer (NETCONF server, sysrepo, etc.) can trigger a crash or potential heap corruption. This vulnerability is fixed in SO 5.2.15.
AI Analysis
Technical Summary
The vulnerability exists in the lyb_read_string() function of libyang before version 5.2.15, where an integer overflow (CWE-190) occurs during parsing of LYB binary blobs. This overflow results in a heap buffer overflow, potentially causing application crashes or heap corruption. An attacker able to supply crafted LYB data to any libyang consumer (such as NETCONF servers or sysrepo) can trigger this condition. The vulnerability has a CVSS 3.1 base score of 7.5, indicating high severity with network attack vector, low attack complexity, no privileges or user interaction required, and impacts availability but not confidentiality or integrity. The issue is resolved in libyang 5.2.15.
Potential Impact
Exploitation of this vulnerability can cause denial of service through application crashes or heap corruption in software components that use libyang to parse LYB data. There is no indication of confidentiality or integrity impact. No known exploits are reported in the wild at this time.
Mitigation Recommendations
This vulnerability is fixed in libyang version 5.2.15. Users and administrators should upgrade to version 5.2.15 or later to remediate this issue. Since this is a library vulnerability, all dependent applications should be updated accordingly. Patch status is confirmed by the vendor's versioning information.
CVE-2026-44673: CWE-190: Integer Overflow or Wraparound in CESNET libyang
Description
libyang is a YANG data modeling language library. Prior to SO 5.2.15, lyb_read_string() in src/parser_lyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer (NETCONF server, sysrepo, etc.) can trigger a crash or potential heap corruption. This vulnerability is fixed in SO 5.2.15.
CVSS v3.1
Score 7.5high
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability exists in the lyb_read_string() function of libyang before version 5.2.15, where an integer overflow (CWE-190) occurs during parsing of LYB binary blobs. This overflow results in a heap buffer overflow, potentially causing application crashes or heap corruption. An attacker able to supply crafted LYB data to any libyang consumer (such as NETCONF servers or sysrepo) can trigger this condition. The vulnerability has a CVSS 3.1 base score of 7.5, indicating high severity with network attack vector, low attack complexity, no privileges or user interaction required, and impacts availability but not confidentiality or integrity. The issue is resolved in libyang 5.2.15.
Potential Impact
Exploitation of this vulnerability can cause denial of service through application crashes or heap corruption in software components that use libyang to parse LYB data. There is no indication of confidentiality or integrity impact. No known exploits are reported in the wild at this time.
Mitigation Recommendations
This vulnerability is fixed in libyang version 5.2.15. Users and administrators should upgrade to version 5.2.15 or later to remediate this issue. Since this is a library vulnerability, all dependent applications should be updated accordingly. Patch status is confirmed by the vendor's versioning information.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-05-07T16:20:08.659Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a0635daec166c07b010dd33
Added to database: 5/14/2026, 8:51:38 PM
Last enriched: 5/14/2026, 9:06:45 PM
Last updated: 6/16/2026, 2:54:01 AM
Views: 60
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.