VYPR
High severity8.2NVD Advisory· Published Apr 1, 2026· Updated May 26, 2026

CVE-2026-35091

CVE-2026-35091

Description

A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol (UDP) packet. This can lead to an out-of-bounds read, causing a denial of service (DoS) and potentially disclosing limited memory contents

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

19

Patches

Vulnerability mechanics

References

17

News mentions

0

No linked articles in our index yet.