CVE-2026-48684
Published 2026-05-26
Priority: P3 · 35 · medium · 6.5 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
EPSS: 0.26% (17.7th percentile)
FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the NetFlow v9 options template parser. In process_netflow_v9_options_template() (src/netflow_plugin/netflow_v9_collector.cpp), the scope parsing loop (lines 224-229) iterates until scopes_offset reaches the attacker-controlled option_scope_length value, reading netflow9_template_flowset_record_t structures at each step. No bounds check validates that (zone_address + scopes_offset + sizeof(record)) stays within the flowset. The same issue affects the options field loop (lines 241-257) with option_length. Furthermore, option_scope_length is not validated to be a multiple of sizeof(netflow9_template_flowset_record_t), potentially causing misaligned reads. An attacker can trigger reads past the end of the UDP packet buffer.
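A bounds-checked form of the two loops described above, as an added example that is not FastNetMon's code or its fix. The names field_record_t, parse_result and parse_options_template are hypothetical, and the 6-byte header (template ID, option scope length, option length) and 4-byte field records follow RFC 3954.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Hypothetical stand-in for netflow9_template_flowset_record_t: one 4-byte
// field specifier (type, length) as laid out in RFC 3954.
struct field_record_t { uint16_t type; uint16_t length; };
constexpr size_t kRecordSize = sizeof(field_record_t);
constexpr size_t kHeaderSize = 6;  // template_id, option_scope_length, option_length

enum class parse_result { ok, truncated_header, misaligned_length, fields_exceed_flowset };

static uint16_t read_be16(const uint8_t* p) { return uint16_t((p[0] << 8) | p[1]); }

// data/size cover only the bytes left in the current flowset, so a length that
// fits in the UDP datagram but not in the flowset is still rejected.
parse_result parse_options_template(const uint8_t* data, size_t size,
                                    std::vector<field_record_t>& scopes,
                                    std::vector<field_record_t>& options) {
    if (size < kHeaderSize) return parse_result::truncated_header;
    const size_t scope_len = read_be16(data + 2);
    const size_t option_len = read_be16(data + 4);
    // Each area must hold a whole number of records (no partial trailing read).
    if (scope_len % kRecordSize != 0 || option_len % kRecordSize != 0)
        return parse_result::misaligned_length;
    // Both areas together must fit; the sum is at most 131070, so no overflow.
    if (scope_len + option_len > size - kHeaderSize)
        return parse_result::fields_exceed_flowset;

    auto read_records = [](const uint8_t* p, size_t len, std::vector<field_record_t>& out) {
        for (size_t off = 0; off < len; off += kRecordSize)
            out.push_back({read_be16(p + off), read_be16(p + off + 2)});
    };
    read_records(data + kHeaderSize, scope_len, scopes);
    read_records(data + kHeaderSize + scope_len, option_len, options);
    return parse_result::ok;
}

int main() {
    // Constructed sample: 10 bytes present, but option_scope_length claims 0xfffc.
    const uint8_t bad[] = {0x01, 0x00, 0xff, 0xfc, 0x00, 0x04, 0x00, 0x01, 0x00, 0x04};
    std::vector<field_record_t> scopes, options;
    const bool rejected = parse_options_template(bad, sizeof(bad), scopes, options)
                          == parse_result::fields_exceed_flowset;
    std::printf("oversized scope length rejected: %s\n", rejected ? "yes" : "no");
    return rejected ? 0 : 1;
}
```

Both lengths are validated once before either loop runs, so the loops themselves need no per-iteration check and nothing is stored from a template that fails validation.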
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| pavel-odintsov | fastnetmon | <= 1.2.9 | — |
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2026-48684 fastnetmon: out-of-bounds read in the NetFlow v9 options template parser [fedora-all]
bugzilla·2026-05-28·CVSS 6.5
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
Bugzilla
CVE-2026-48684 fastnetmon: out-of-bounds read in the NetFlow v9 options template parser [epel-all]
bugzilla·2026-05-28·CVSS 6.5
Bugzilla
CVE-2026-48684 fastnetmon: out-of-bounds read in the NetFlow v9 options template parser
bugzilla·2026-05-26·CVSS 6.5
Published 2026-05-26