PT-2026-42717 · Opensuse+10 · Alloy+56

Maciej Kawka

·

Published

2026-05-22

·

Updated

2026-07-09

·

CVE-2026-46597

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions The product name cannot be determined (affected versions not specified)
Description An incorrectly placed cast from bytes to int in the AES-GCM packet decoder allows for a server-side panic when processing well-crafted inputs. A server-side panic is a critical error that causes the application to crash unexpectedly.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Incorrect Type Conversion or Cast

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CLEANSTART-2026-AP10784
CLEANSTART-2026-BA41349
CLEANSTART-2026-BP02821
CLEANSTART-2026-BX78383
CLEANSTART-2026-CH64198
CLEANSTART-2026-CL67452
CLEANSTART-2026-CN27900
CLEANSTART-2026-CP20786
CLEANSTART-2026-EA12165
CLEANSTART-2026-EU52554
CLEANSTART-2026-FA38569
CLEANSTART-2026-FF85222
CLEANSTART-2026-IH16568
CLEANSTART-2026-KJ72865
CLEANSTART-2026-KZ96078
CLEANSTART-2026-MI06133
CLEANSTART-2026-MO16862
CLEANSTART-2026-MR08661
CLEANSTART-2026-NT30039
CLEANSTART-2026-NU38786
CLEANSTART-2026-PF69993
CLEANSTART-2026-QN97697
CLEANSTART-2026-QU83011
CLEANSTART-2026-RE02723
CLEANSTART-2026-RL64341
CLEANSTART-2026-RQ86436
CLEANSTART-2026-SW10568
CLEANSTART-2026-VD09973
CLEANSTART-2026-VD47610
CLEANSTART-2026-VO11205
CLEANSTART-2026-VX15911
CLEANSTART-2026-WA48911
CLEANSTART-2026-WF25734
CLEANSTART-2026-WS85269
CLEANSTART-2026-XV65906
CLEANSTART-2026-YG71543
CLEANSTART-2026-YK91867
CLEANSTART-2026-YY48565
CVE-2026-46597
GHSA-Q4H4-GMJ2-QVW2
GO-2026-5013
OPENSUSE-SU-2026:10843-1
OPENSUSE-SU-2026:10856-1
OPENSUSE-SU-2026:10858-1
OPENSUSE-SU-2026:10889-1
OPENSUSE-SU-2026:10949-1
OPENSUSE-SU-2026:11126-1
OPENSUSE-SU-2026:11198-1
OPENSUSE-SU-2026:20834-1
OPENSUSE-SU-2026:20838-1
OPENSUSE-SU-2026:20902-1
OPENSUSE-SU-2026:20956-1
OPENSUSE-SU-2026:21069-1
OPENSUSE-SU-2026:21079-1
OPENSUSE-SU-2026:21084-1
OPENSUSE-SU-2026:21120-1
OPENSUSE-SU-2026:21210-1
OPENSUSE-SU-2026:21244-1
OPENSUSE-SU-2026:21251-1
SUSE-SU-2026:22065-1
SUSE-SU-2026:22074-1
SUSE-SU-2026:22157-1
SUSE-SU-2026:22159-1
SUSE-SU-2026:22193-1
SUSE-SU-2026:22226-1
SUSE-SU-2026:22242-1
SUSE-SU-2026:22249-1
SUSE-SU-2026:22376-1
SUSE-SU-2026:22423-1
SUSE-SU-2026:22442-1
SUSE-SU-2026:22451-1
SUSE-SU-2026:22516-1
SUSE-SU-2026:2467-1
SUSE-SU-2026:2468-1
SUSE-SU-2026:2581-1
SUSE-SU-2026:2609-1
SUSE-SU-2026:2611-1
SUSE-SU-2026:2612-1
SUSE-SU-2026:2665-1
SUSE-SU-2026:2706-1
SUSE-SU-2026:2733-1
SUSE-SU-2026:2824-1
SUSE-SU-2026:2827-1

Affected Products

Alloy
Amazon-Ssm-Agent
Apko
Apptainer
Argo Cd
Argo Workflows
Buildah
Cadvisor
Calico
Calicoctl
Cert-Manager
Cilium-Cli
Kubernetes Containerd
Cortex
Cosign
Crypto++
Distribution
Docker-Cli-Buildx
Elastic-Beats
Elemental-Toolkit
Etcd
External-Secrets
Git-Bug
Golang-Go.Crypto
Golang.Org/X/Crypto
Golang.Org/X/Crypto/Ssh
Google-Guest-Agent
Google-Osconfig-Agent
Gostatsd
Grype
Hauler
Helm
Helm-Operator
Istio
Kube-State-Metrics
Kube-Vip
Kubernetes-Csi-External-Provisioner-Fips
Kubernetes-Csi-External-Snapshotter-Fips
Lxd
Mcphost
Memcached-Exporter
Mongodb
Nats-Streaming
Osv-Scanner
Percona-Server-Mongodb-Operator
Podman
Prometheus-Mysqld-Exporter
Rclone
Rootio-Golang.Org/X/Crypto
Sealed-Secrets
Skopeo
Snapd
Spice-Server
Spire-Server-Fips
Trivy
Vault
Velociraptor