Threats Tagged 'cve-2026-11404'
View all threats tagged with 'cve-2026-11404'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-11404'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-11404: Out-of-bounds Read in Cesanta MongooseCVE-2026-11404 0 Cesanta Mongoose before 7.22 contains an out-of-bounds read in the built-in TLS server function mg_tls_server_recv_hello(), which uses an attacker-controlled session_id_len byte from a TLS ClientHello as a buffer index without validating it against the length of received data. A remote, unauthenticated attacker can send a single crafted ClientHello with an oversized session id length to read past the receive buffer, crashing any HTTPS, MQTTS, or WSS service built on MG_TLS_BUILTIN. Join the discussion | CVE Database V5 | 07/09/2026, 15:13:40 UTC Added: 07/09/2026, 15:33:27 UTC |
Showing 1 to 1 of 1 result