CVE-2026-53689
7.1 HIGHlibnfs through 6.0.2 before 55c18ea does not validate a string size, leading to an integer overflow during a connection to a crafted NFS ...
Published: 2026-06-10 · Last updated: 2026-06-10
Severity and scoring
- CVSS
- 7.1 HIGH
- Vector
- CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L
- CWE
- CWE-1284
Description
libnfs through 6.0.2 before 55c18ea does not validate a string size, leading to an integer overflow during a connection to a crafted NFS server. This occurs in libnfs_zdr_string in lib/libnfs-zdr.c.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-11596 — In ScreenConnect™ versions prior to 26.2, input validation within the Host Pass creation functionality could allow an authenticated user ... (4.7 MEDIUM)
- CVE-2026-49777 — Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious... (10.0 CRITICAL)
- CVE-2026-47329 — Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification respo... (3.3 LOW)
- CVE-2026-9801 — A flaw was found in Keycloak (4.9 MEDIUM)
- CVE-2026-44635 — Kysely is a type-safe TypeScript SQL query builder (7.5 HIGH)