CVE-2026-48683

Name of the Vulnerable Software and Affected Versions FastNetMon Community Edition versions prior to 1.2.10

Description An out-of-bounds read exists in the NetFlow v9 data flowset processor within the src/netflow plugin/netflow v9 collector.cpp file. The Data template branch iterates over flow records without performing a per-iteration bounds check against the packet end pointer, unlike the Options template branch which correctly validates the packet length. Because template definitions are sent via unauthenticated UDP by a network peer, an attacker can craft malicious templates to force the parser to read arbitrary memory beyond the packet buffer, potentially leading to sensitive memory leakage or a system crash.

Recommendations Update to a version later than 1.2.9.