CVE-2026-6985
Published: 2026-04-25
Priority: P3 46 high | CVSS 3.1: 7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS: 0.56% (42.6th percentile)
A weakness has been identified in Cesanta Mongoose up to 7.20. It affects the function handle_opt in the file /src/net_builtin.c, part of the TCP Option Handler component. Manipulating the argument optlen causes an infinite loop. The attack can be carried out remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 7.21 resolves this issue, and upgrading the affected component is advised. VulDB contacted the vendor early, and the vendor quickly confirmed that the issue had already been fixed.
Affected
22 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cesanta | mongoose | — | — |
| cesanta | mongoose | >= 7.0 < 7.21 | 7.21 |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| nvd | v4.0 | 5.5 | MEDIUM | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
GHSA
GHSA-3ppf-435x-3p66: A weakness has been identified in Cesanta Mongoose up to 7
ghsa_unreviewed·2026-04-25
CVE-2026-6985 [MEDIUM] CWE-404 GHSA-3ppf-435x-3p66: A weakness has been identified in Cesanta Mongoose up to 7
VulDB
Cesanta Mongoose up to 7.20 TCP Option /src/net_builtin.c handle_opt optlen infinite loop
vuldb·2026-04-24·CVSS 5.5
CVE-2026-6985 [MEDIUM] Cesanta Mongoose up to 7.20 TCP Option /src/net_builtin.c handle_opt optlen infinite loop
A vulnerability was found in Cesanta Mongoose up to 7.20. It has been rated as problematic. It affects the function handle_opt in the file /src/net_builtin.c, part of the TCP Option Handler component. Manipulating the argument optlen causes an infinite loop.
This vulnerability is tracked as CVE-2026-6985. The attack can be carried out remotely. Moreover, an exploit is present.
Upgrading the affected component is advised.
VulDB contacted the vendor early, and the vendor quickly confirmed that the issue had already been fixed.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2026-04-25