Low severity3.7NVD Advisory· Published May 7, 2026· Updated May 8, 2026
CVE-2026-44602
CVE-2026-44602
Description
Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TROVE-2026-006.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- gitlab.torproject.org/tpo/core/tor/-/commit/df7d5174ef41814d806c8ede776e230cd30ac12bnvdPatch
- forum.torproject.org/c/news/tor-release-announcement/28nvdRelease Notes
- www.openwall.com/lists/oss-security/2026/05/06/8nvdMailing ListRelease Notes
News mentions
0No linked articles in our index yet.