vulnerability context

CVE-2026-56099

CVSS 5.3 MEDIUMEPSS 34%CWE-125OTX 8 pulses

OpenBSD before commit 6a23123 (2026-06-18) contains an out-of-bounds read vulnerability in the mpls_do_error function within sys/netmpls/mpls_input.c that allows remote attackers to disclose kernel stack memory by sending crafted MPLS frames with 16 labels and no Bottom-of-Stack bit set.

Published 2026-06-18 · last modified 2026-06-27

details

CISA KEV status: Not in catalog
CVSS v3: 5.3 / MEDIUM
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS: 34% percentile (score 0.0042)
CWE: CWE-125
OTX pulses: 8 total, 0 recent

View on NVD → · cve.org

source mentions 2

OpenBSD MPLS kernel stack leaks remotely (CVE-2026-56099)r/redteamsec · 10d ago
OpenBSD MPLS kernel stack leaks remotely (CVE-2026-56099)r/netsec · 10d ago

source consensus

r/redteamsec1×
r/netsec1×

Want the 3-bullet summary of CVE-2026-56099, plus webhook alerts when KEV is updated? Pro is $10/mo.

Open in reader See Pro →