Sign In

CVE-2026-33845

ADVISORY - nist

Summary

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service.

EPSS Score: 0.00046 (0.142)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-191

Integer Underflow (Wrap or Wraparound)

ADVISORY - redhat

CWE-191

Integer Underflow (Wrap or Wraparound)

Impacted images

Advisories

NIST

CREATED

UPDATED

ADVISORY IDCVE-2026-33845
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-191

CVSS SCORE

7.5high

Alpine

CREATED

UPDATED

ADVISORY IDCVE-2026-33845
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

UPDATED

ADVISORY IDCVE-2026-33845
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

UPDATED

ADVISORY IDCVE-2026-33845
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

9.1medium

Red Hat

CREATED

UPDATED

ADVISORY IDCVE-2026-33845
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-191

CVSS SCORE

7.5high