PT-2026-22177 · Red Os · Red Os

Aknuds1

·

Published

2026-02-26

·

Updated

2026-06-15

·

CVE-2026-27141

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions versions prior to 2026-27141
Description A missing nil check allows a server to panic when receiving specific HTTP/2 frames, specifically those ranging from 0x0a to 0x0f. This issue does not have any reported real-world incidents or estimated numbers of affected devices. The vulnerability is related to the parsing of HTTP/2 frames.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

AZL-78629
AZL-78653
AZL-78656
AZL-78659
AZL-78662
AZL-78680
BDU:2026-04597
CLEANSTART-2026-AE87452
CLEANSTART-2026-AQ75465
CLEANSTART-2026-DF22934
CLEANSTART-2026-DS01292
CLEANSTART-2026-FB05615
CLEANSTART-2026-FQ05951
CLEANSTART-2026-FR97108
CLEANSTART-2026-FX27781
CLEANSTART-2026-GB46352
CLEANSTART-2026-HA09227
CLEANSTART-2026-LB23787
CLEANSTART-2026-LD15132
CLEANSTART-2026-MJ36694
CLEANSTART-2026-MK01488
CLEANSTART-2026-MK40719
CLEANSTART-2026-MQ21261
CLEANSTART-2026-MT27167
CLEANSTART-2026-MU81308
CLEANSTART-2026-OI10284
CLEANSTART-2026-OS42112
CLEANSTART-2026-PE63912
CLEANSTART-2026-PZ85180
CLEANSTART-2026-SM37781
CLEANSTART-2026-UG20989
CLEANSTART-2026-UJ59341
CLEANSTART-2026-UM45661
CLEANSTART-2026-UY60586
CLEANSTART-2026-VS17175
CLEANSTART-2026-VZ08395
CLEANSTART-2026-WN01990
CVE-2026-27141
GO-2026-4559
OPENSUSE-SU-2026:10294-1
OPENSUSE-SU-2026:10313-1
OPENSUSE-SU-2026:10385-1
RHSA-2026:7291
RHSA-2026:7385
SUSE-SU-2026:0757-1
USN-8430-1

Affected Products

Red Os