High severity7.5NVD Advisory· Published Mar 16, 2026· Updated Apr 7, 2026
CVE-2026-30405
CVE-2026-30405
Description
An issue in GoBGP gobgpd v.4.2.0 allows a remote attacker to cause a denial of service via the NEXT_HOP path attribute
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/osrg/gobgp/v4Go | <= 4.3.0 | — |
Affected products
5- osv-coords4 versionspkg:apk/chainguard/kube-vippkg:apk/chainguard/kube-vip-fipspkg:apk/wolfi/kube-vippkg:golang/github.com/osrg/gobgp/v4
< 1.2.1-r0+ 3 more
- (no CPE)range: < 1.2.1-r0
- (no CPE)range: < 1.2.1-r0
- (no CPE)range: < 1.2.1-r0
- (no CPE)range: <= 4.3.0
Patches
Vulnerability mechanics
References
4- github.com/osrg/gobgp/issues/3305nvdExploitIssue TrackingVendor AdvisoryWEB
- github.com/advisories/GHSA-4p9m-8gc4-rw2hghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2026-30405ghsaADVISORY
- github.com/osrg/gobgp/commit/583080a7258e22cc884162e15b078771aa2c2c80ghsaWEB
News mentions
0No linked articles in our index yet.