## CVE-2026-0849

Published 2026-03-16

Priority: P4 · 32 · medium · CVSS 3.1 base score 6.8
CVSS 3.1 vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.24% (15.0th percentile)

Malformed ATAES132A responses with an oversized length field overflow a 52-byte stack buffer in the Zephyr crypto driver, allowing a compromised device or bus attacker to corrupt kernel memory and potentially hijack execution.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zephyrproject-rtos | zephyr | * – 4.3 | — |
| zephyrproject | zephyr | — | — |
No advisories linked to this vulnerability.
No detection rules found.
No public exploits indexed.
## Wiz

CVE-2026-0849 Impact, Exploitability, and Mitigation Steps | Wiz (blogs_wiz · CVSS 3.8 · LOW)

CVE-2026-0849: NixOS vulnerability analysis and mitigation

Description (source: NVD): Malformed ATAES132A responses with an oversized length field overflow a 52-byte stack buffer in the Zephyr crypto driver, allowing a compromised device or bus attacker to corrupt kernel memory and potentially hijack execution.
- Score: 6.8
- Published: March 16, 2026
- Severity: MEDIUM
- CNA Score: 3.8
- Affected Technologies: NixOS
- Has Public Exploit: Yes
- Has CISA KEV Exploit: No
- CISA KEV Release Date: N/A
- CISA KEV Due Date: N/A
- Exploitation Probability Percentile (EPSS): 5
- Exploitation Probability (EPSS): N/A
- Affected packages and libraries: zephyr
- Sources: NVD
- Nix: Severity MEDIUM · No Fix · Added at: Apr 05, 2026
## Bugzilla

CVE-2026-21933 openjdk: Improve HttpServer Request handling (Oracle CPU 2026-01) (bugzilla · 2026-01-15 · CVSS 6.1 · MEDIUM)

There is a CRLF injection vulnerability in HttpServer in JDK which may lead to potential XSS.
Discussion:
This issue has been addressed in the following products:
OPENJDK ELS 11.0.30
Via RHSA-2026:0849 https://access.redhat.com/errata/RHSA-2026:0849
---
This issue has been addressed in the following products:
Red Hat OpenShift Lightspeed
Via RHSA-2026:1070 https://access.redhat.com/errata/RHSA-2026:1070
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7 Extended Lifecycle Support
Via RHSA-2026:0931 https://access.redhat.com/errata/RHSA-2026:0931
---
OpenJDK-8 upstream commit:
https://github.com/openjdk/jdk8u/commit/332d177c5504e067406
Published 2026-03-16