Medium severity5.5NVD Advisory· Published Apr 3, 2026· Updated Apr 13, 2026
CVE-2026-34933
CVE-2026-34933
Description
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version 0.9-rc4.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
13- osv-coords8 versionspkg:apk/chainguard/avahipkg:apk/chainguard/avahi-devpkg:apk/wolfi/avahipkg:apk/wolfi/avahi-devpkg:rpm/opensuse/avahi&distro=openSUSE%20Tumbleweedpkg:rpm/suse/avahi&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/avahi&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/avahi&distro=SUSE%20Linux%20Enterprise%20Micro%205.5
< 0.9_rc4-r0+ 7 more
- (no CPE)range: < 0.9_rc4-r0
- (no CPE)range: < 0.9_rc4-r0
- (no CPE)range: < 0.9_rc4-r0
- (no CPE)range: < 0.9_rc4-r0
- (no CPE)range: < 0.8-43.1
- (no CPE)range: < 0.8-150400.7.31.2
- (no CPE)range: < 0.8-150400.7.31.2
- (no CPE)range: < 0.8-150400.7.31.2
Patches
Vulnerability mechanics
References
4- github.com/avahi/avahi/commit/625ca0fac19229f6dfa3a6c6b698ae657187e50cnvdPatch
- github.com/avahi/avahi/pull/891nvdIssue TrackingPatch
- www.openwall.com/lists/oss-security/2026/04/11/9nvdExploitMailing ListThird Party Advisory
- github.com/avahi/avahi/security/advisories/GHSA-w65r-6gxh-vhvcnvdExploitPatchVendor Advisory
News mentions
0No linked articles in our index yet.