PT-2026-36730 · Unknown · Velociraptor
Faisal Alhumaid
+1
·
Published
2026-05-03
·
Updated
2026-05-04
·
CVE-2026-6948
CVSS v3.1
4.9
Medium
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Velociraptor versions prior to 0.76.4
Description
A resource exhaustion issue exists in the server's agent control channel. A compromised or rogue client can crash the server by causing out-of-memory (OOM) conditions through the transmission of crafted messages via the standard client communication channel.
Recommendations
Update to version 0.76.4 or later.
Fix
Allocation of Resources Without Limits
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Velociraptor