Sign in Get started

← All advisories

Low severity3.7NVD Advisory· Published May 7, 2026· Updated May 7, 2026

CVE-2026-44603

CVE-2026-44603

Description

Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007.

Affected products

2

Tpo/Torinferred
Range: <0.4.9.7
Torproject/Tor
cpe:2.3:a:torproject:tor:*:*:*:*:*:*:*:*
Range: <0.4.9.7

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

gitlab.torproject.org/tpo/core/tor/-/commit/1703df3d439c83c2184e259fad1cfa19240f9c89nvdPatch
www.openwall.com/lists/oss-security/2026/05/06/8nvdMailing ListThird Party Advisory
forum.torproject.org/c/news/tor-release-announcement/28nvdRelease Notes

News mentions

0

No linked articles in our index yet.