Back to overview

CVE-2026-49235

HIGH
8.7
CVSS 4.0
Description
When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Routinator crashes.

Metadata

CVE ID
CVE-2026-49235
State
PUBLISHED
Assigner
NLnet Labs
Reserved
2026-05-28 08:28 UTC
Published
2026-06-08 12:59 UTC
Last updated
2026-06-08 15:40 UTC
Primary CWE
CWE-755
CWE-755 Improper Handling of Exceptional Conditions
Vendor / Product
NLnet Labs / Routinator
Sources
cve.org  ·  NVD

Severity & Metrics

8.7 HIGH CVSS 4.0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
SSVC — CISA Coordinator
Exploitation
none
Automatable
yes
Tech. Impact
partial
Affected products (1)
VendorProductPlatformVersions
NLnet Labs Routinator 0.15.2 < *
Weakness (CWE)
CWESourceDescription
CWE-755 cna CWE-755 Improper Handling of Exceptional Conditions
CVSS scores (1)
ScoreSeverityVersionSourceVector
8.7 HIGH 4.0 cna CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
References (1)
Back to overview