VYPR
High severity7.3NVD Advisory· Published May 4, 2026· Updated May 6, 2026

CVE-2026-7735

CVE-2026-7735

Description

A vulnerability was found in osrg GoBGP up to 4.3.0. Affected is the function PathAttributeAigp.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component AIGP Attribute Parser. Performing a manipulation results in buffer overflow. It is possible to initiate the attack remotely. Upgrading to version 4.4.0 is able to address this issue. The patch is named 51ad1ada06cb41ce47b7066799981816f50b7ced. The affected component should be upgraded.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Osrg/Gobgp2 versions
    cpe:2.3:a:osrg:gobgp:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:osrg:gobgp:*:*:*:*:*:*:*:*range: <4.4.0
    • (no CPE)range: <=4.3.0

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.