Vulnerability Database>CVE-2026-33845

CVE-2026-33845

‍

Publish date: April 28, 2026

Severity

High

CVSS score

7.5

Package

gnutls28

Affected versions

>= 3.7.9-2+deb12u4

A flaw in GnuTLS DTLS handshake parsing permits malformed fragments that have a zero length and a non-zero offset. This situation leads to an integer underflow during the reassembly process, resulting in an out-of-bounds read. The issue is remotely exploitable and could cause information disclosure or denial of service.

‍

Learn about Echo's vulnerability management

Learn more

CVE-2026-33845

NVD Record:

References:

Related CVEs: