QSearchQSearch

CVE-2026-49232

Routinator exits on any error when accepting incoming HTTP or RTR connections, including ones it can recover from such as running out of ...

Published: 2026-06-08 · Last updated: 2026-06-09

Severity and scoring

CWE
CWE-755

Description

Routinator exits on any error when accepting incoming HTTP or RTR connections, including ones it can recover from such as running out of file descriptors. This condition can be triggered maliciously by an attacker by opening a large number of connections to the HTTP or RTR server. This only affects users that make their HTTP or RTR server available to untrusted networks.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-44505 Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm (5.3 MEDIUM)
  • CVE-2023-43686 An issue was discovered in Malwarebytes 4.x and 5.x (and Nebula 2020-10-21 and later) (6.2 MEDIUM)
  • CVE-2026-49235 When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Routinator crashes
  • CVE-2026-9516 Cpanel::JSON::XS versions before 4.41 for Perl allow denial of service via UTF-8 BOM prefixed input when a decode filter callback throws (7.5 HIGH)
  • CVE-2026-48524 PyJWT is a JSON Web Token implementation in Python (3.7 LOW)