CVE-2026-5124

Name of the Vulnerable Software and Affected Versions osrg GoBGP versions through 4.3.0

Description A security issue has been identified in osrg GoBGP. The BGPHeader.DecodeFromBytes function within the BGP Header Handler component, located in the file pkg/packet/bgp/bgp.go, is susceptible to improper access controls. Remote exploitation is possible, and the attack is considered to have high complexity with difficult exploitability.

Recommendations Deploy the patch with identifier f0f24a2a901cbf159260698211ab15c583ced131.