CVE-2026-48684

Name of the Vulnerable Software and Affected Versions FastNetMon Community Edition versions prior to 1.2.10

Description An out-of-bounds read exists in the NetFlow v9 options template parser. In the process netflow v9 options template() function, the scope parsing loop iterates until scopes offset reaches the attacker-controlled option scope length value without validating that the memory access remains within the flowset. A similar issue occurs in the options field loop involving option length. Additionally, option scope length is not verified to be a multiple of sizeof(netflow9 template flowset record t), which may lead to misaligned reads. This allows an attacker to trigger reads beyond the end of the UDP packet buffer.

Recommendations Update to version 1.2.10 or later.