{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61377?format=json","vulnerability_id":"VCID-wmgu-n9kx-xygw","summary":"frr: denial of service via crafted UPDATE message","aliases":[{"alias":"CVE-2026-37458"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/95796?format=json","purl":"pkg:deb/debian/frr@8.4.4-1.1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e1g-fprx-x3b2"},{"vulnerability":"VCID-1e26-pytr-dfg8"},{"vulnerability":"VCID-2fy7-pft4-yffq"},{"vulnerability":"VCID-4rsu-buq4-mqg1"},{"vulnerability":"VCID-5s78-2276-bbam"},{"vulnerability":"VCID-5wb3-6rz8-wuff"},{"vulnerability":"VCID-77u8-npxr-nue9"},{"vulnerability":"VCID-86kf-9g4x-jkgs"},{"vulnerability":"VCID-ak6d-y7f2-gbay"},{"vulnerability":"VCID-asv2-x64e-7udv"},{"vulnerability":"VCID-bj2r-ymnb-6qf2"},{"vulnerability":"VCID-d3ht-2jch-qqfk"},{"vulnerability":"VCID-duhv-qc6g-ebcr"},{"vulnerability":"VCID-ea5k-3hd6-zuhr"},{"vulnerability":"VCID-gfhp-9bcc-h3ca"},{"vulnerability":"VCID-gfnp-84dc-pkcg"},{"vulnerability":"VCID-j2jj-kd9s-9bbu"},{"vulnerability":"VCID-jfwm-pr2w-ykbp"},{"vulnerability":"VCID-jjb7-va26-puhm"},{"vulnerability":"VCID-k2m7-dbg6-huec"},{"vulnerability":"VCID-kve7-5efk-yfbh"},{"vulnerability":"VCID-r1pc-epmj-9keu"},{"vulnerability":"VCID-ry1y-8ktt-9kg4"},{"vulnerability":"VCID-t56j-cqpc-1kac"},{"vulnerability":"VCID-tggu-9fbg-pkcx"},{"vulnerability":"VCID-uz6t-6g85-kucn"},{"vulnerability":"VCID-wmgu-n9kx-xygw"},{"vulnerability":"VCID-xdyd-phps-x7d9"},{"vulnerability":"VCID-z2uh-958p-8bdc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/195369?format=json","purl":"pkg:deb/debian/frr@8.4.4-1.1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e1g-fprx-x3b2"},{"vulnerability":"VCID-1e26-pytr-dfg8"},{"vulnerability":"VCID-2fy7-pft4-yffq"},{"vulnerability":"VCID-4rsu-buq4-mqg1"},{"vulnerability":"VCID-5s78-2276-bbam"},{"vulnerability":"VCID-5wb3-6rz8-wuff"},{"vulnerability":"VCID-77u8-npxr-nue9"},{"vulnerability":"VCID-86kf-9g4x-jkgs"},{"vulnerability":"VCID-ak6d-y7f2-gbay"},{"vulnerability":"VCID-asv2-x64e-7udv"},{"vulnerability":"VCID-bj2r-ymnb-6qf2"},{"vulnerability":"VCID-d3ht-2jch-qqfk"},{"vulnerability":"VCID-duhv-qc6g-ebcr"},{"vulnerability":"VCID-ea5k-3hd6-zuhr"},{"vulnerability":"VCID-gfhp-9bcc-h3ca"},{"vulnerability":"VCID-gfnp-84dc-pkcg"},{"vulnerability":"VCID-j2jj-kd9s-9bbu"},{"vulnerability":"VCID-jfwm-pr2w-ykbp"},{"vulnerability":"VCID-jjb7-va26-puhm"},{"vulnerability":"VCID-k2m7-dbg6-huec"},{"vulnerability":"VCID-kve7-5efk-yfbh"},{"vulnerability":"VCID-r1pc-epmj-9keu"},{"vulnerability":"VCID-ry1y-8ktt-9kg4"},{"vulnerability":"VCID-t56j-cqpc-1kac"},{"vulnerability":"VCID-tggu-9fbg-pkcx"},{"vulnerability":"VCID-uz6t-6g85-kucn"},{"vulnerability":"VCID-wmgu-n9kx-xygw"},{"vulnerability":"VCID-xdyd-phps-x7d9"},{"vulnerability":"VCID-z2uh-958p-8bdc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1175182?format=json","purl":"pkg:deb/debian/frr@8.4.4-1.1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u2"},{"url":"http://public2.vulnerablecode.io/api/packages/304759?format=json","purl":"pkg:deb/debian/frr@8.4.4-1.1~deb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95802?format=json","purl":"pkg:deb/debian/frr@10.3-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e26-pytr-dfg8"},{"vulnerability":"VCID-4rsu-buq4-mqg1"},{"vulnerability":"VCID-5s78-2276-bbam"},{"vulnerability":"VCID-86kf-9g4x-jkgs"},{"vulnerability":"VCID-ak6d-y7f2-gbay"},{"vulnerability":"VCID-d3ht-2jch-qqfk"},{"vulnerability":"VCID-duhv-qc6g-ebcr"},{"vulnerability":"VCID-gfnp-84dc-pkcg"},{"vulnerability":"VCID-jjb7-va26-puhm"},{"vulnerability":"VCID-kve7-5efk-yfbh"},{"vulnerability":"VCID-t56j-cqpc-1kac"},{"vulnerability":"VCID-wmgu-n9kx-xygw"},{"vulnerability":"VCID-xdyd-phps-x7d9"},{"vulnerability":"VCID-z2uh-958p-8bdc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1175183?format=json","purl":"pkg:deb/debian/frr@10.3-3%2Bdeb13u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%252Bdeb13u1"},{"url":"http://public2.vulnerablecode.io/api/packages/304760?format=json","purl":"pkg:deb/debian/frr@10.3-3%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95839?format=json","purl":"pkg:deb/debian/frr@10.6.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95800?format=json","purl":"pkg:deb/debian/frr@10.6.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95801?format=json","purl":"pkg:deb/debian/frr@10.6.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1167824?format=json","purl":"pkg:deb/debian/frr@10.6.1-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.6.1-2"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/95799?format=json","purl":"pkg:deb/debian/frr@7.5.1-1.1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e26-pytr-dfg8"},{"vulnerability":"VCID-4rsu-buq4-mqg1"},{"vulnerability":"VCID-5s78-2276-bbam"},{"vulnerability":"VCID-86kf-9g4x-jkgs"},{"vulnerability":"VCID-ak6d-y7f2-gbay"},{"vulnerability":"VCID-d3ht-2jch-qqfk"},{"vulnerability":"VCID-duhv-qc6g-ebcr"},{"vulnerability":"VCID-gfnp-84dc-pkcg"},{"vulnerability":"VCID-gq38-a2db-qygu"},{"vulnerability":"VCID-jjb7-va26-puhm"},{"vulnerability":"VCID-kve7-5efk-yfbh"},{"vulnerability":"VCID-t56j-cqpc-1kac"},{"vulnerability":"VCID-wmgu-n9kx-xygw"},{"vulnerability":"VCID-xdyd-phps-x7d9"},{"vulnerability":"VCID-z2uh-958p-8bdc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@7.5.1-1.1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/195368?format=json","purl":"pkg:deb/debian/frr@7.5.1-1.1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e26-pytr-dfg8"},{"vulnerability":"VCID-2fy7-pft4-yffq"},{"vulnerability":"VCID-4rsu-buq4-mqg1"},{"vulnerability":"VCID-5brw-dmd4-nqdv"},{"vulnerability":"VCID-5s78-2276-bbam"},{"vulnerability":"VCID-5wb3-6rz8-wuff"},{"vulnerability":"VCID-86kf-9g4x-jkgs"},{"vulnerability":"VCID-ak6d-y7f2-gbay"},{"vulnerability":"VCID-asv2-x64e-7udv"},{"vulnerability":"VCID-bj2r-ymnb-6qf2"},{"vulnerability":"VCID-c58f-r3dv-ryfg"},{"vulnerability":"VCID-d3ht-2jch-qqfk"},{"vulnerability":"VCID-duhv-qc6g-ebcr"},{"vulnerability":"VCID-gfhp-9bcc-h3ca"},{"vulnerability":"VCID-gfnp-84dc-pkcg"},{"vulnerability":"VCID-gq38-a2db-qygu"},{"vulnerability":"VCID-h778-bbpa-ffg7"},{"vulnerability":"VCID-j2jj-kd9s-9bbu"},{"vulnerability":"VCID-jfwm-pr2w-ykbp"},{"vulnerability":"VCID-jjb7-va26-puhm"},{"vulnerability":"VCID-k2m7-dbg6-huec"},{"vulnerability":"VCID-kve7-5efk-yfbh"},{"vulnerability":"VCID-r1pc-epmj-9keu"},{"vulnerability":"VCID-r64v-kmd2-cue4"},{"vulnerability":"VCID-t555-6yka-kqfs"},{"vulnerability":"VCID-t56j-cqpc-1kac"},{"vulnerability":"VCID-ve4v-f2qn-ekan"},{"vulnerability":"VCID-wmgu-n9kx-xygw"},{"vulnerability":"VCID-xdyd-phps-x7d9"},{"vulnerability":"VCID-z2uh-958p-8bdc"},{"vulnerability":"VCID-z5dy-vtdp-mfb6"},{"vulnerability":"VCID-zsz8-21q5-sbbk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@7.5.1-1.1%252Bdeb11u2"},{"url":"http://public2.vulnerablecode.io/api/packages/95796?format=json","purl":"pkg:deb/debian/frr@8.4.4-1.1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e1g-fprx-x3b2"},{"vulnerability":"VCID-1e26-pytr-dfg8"},{"vulnerability":"VCID-2fy7-pft4-yffq"},{"vulnerability":"VCID-4rsu-buq4-mqg1"},{"vulnerability":"VCID-5s78-2276-bbam"},{"vulnerability":"VCID-5wb3-6rz8-wuff"},{"vulnerability":"VCID-77u8-npxr-nue9"},{"vulnerability":"VCID-86kf-9g4x-jkgs"},{"vulnerability":"VCID-ak6d-y7f2-gbay"},{"vulnerability":"VCID-asv2-x64e-7udv"},{"vulnerability":"VCID-bj2r-ymnb-6qf2"},{"vulnerability":"VCID-d3ht-2jch-qqfk"},{"vulnerability":"VCID-duhv-qc6g-ebcr"},{"vulnerability":"VCID-ea5k-3hd6-zuhr"},{"vulnerability":"VCID-gfhp-9bcc-h3ca"},{"vulnerability":"VCID-gfnp-84dc-pkcg"},{"vulnerability":"VCID-j2jj-kd9s-9bbu"},{"vulnerability":"VCID-jfwm-pr2w-ykbp"},{"vulnerability":"VCID-jjb7-va26-puhm"},{"vulnerability":"VCID-k2m7-dbg6-huec"},{"vulnerability":"VCID-kve7-5efk-yfbh"},{"vulnerability":"VCID-r1pc-epmj-9keu"},{"vulnerability":"VCID-ry1y-8ktt-9kg4"},{"vulnerability":"VCID-t56j-cqpc-1kac"},{"vulnerability":"VCID-tggu-9fbg-pkcx"},{"vulnerability":"VCID-uz6t-6g85-kucn"},{"vulnerability":"VCID-wmgu-n9kx-xygw"},{"vulnerability":"VCID-xdyd-phps-x7d9"},{"vulnerability":"VCID-z2uh-958p-8bdc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/195369?format=json","purl":"pkg:deb/debian/frr@8.4.4-1.1~deb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e1g-fprx-x3b2"},{"vulnerability":"VCID-1e26-pytr-dfg8"},{"vulnerability":"VCID-2fy7-pft4-yffq"},{"vulnerability":"VCID-4rsu-buq4-mqg1"},{"vulnerability":"VCID-5s78-2276-bbam"},{"vulnerability":"VCID-5wb3-6rz8-wuff"},{"vulnerability":"VCID-77u8-npxr-nue9"},{"vulnerability":"VCID-86kf-9g4x-jkgs"},{"vulnerability":"VCID-ak6d-y7f2-gbay"},{"vulnerability":"VCID-asv2-x64e-7udv"},{"vulnerability":"VCID-bj2r-ymnb-6qf2"},{"vulnerability":"VCID-d3ht-2jch-qqfk"},{"vulnerability":"VCID-duhv-qc6g-ebcr"},{"vulnerability":"VCID-ea5k-3hd6-zuhr"},{"vulnerability":"VCID-gfhp-9bcc-h3ca"},{"vulnerability":"VCID-gfnp-84dc-pkcg"},{"vulnerability":"VCID-j2jj-kd9s-9bbu"},{"vulnerability":"VCID-jfwm-pr2w-ykbp"},{"vulnerability":"VCID-jjb7-va26-puhm"},{"vulnerability":"VCID-k2m7-dbg6-huec"},{"vulnerability":"VCID-kve7-5efk-yfbh"},{"vulnerability":"VCID-r1pc-epmj-9keu"},{"vulnerability":"VCID-ry1y-8ktt-9kg4"},{"vulnerability":"VCID-t56j-cqpc-1kac"},{"vulnerability":"VCID-tggu-9fbg-pkcx"},{"vulnerability":"VCID-uz6t-6g85-kucn"},{"vulnerability":"VCID-wmgu-n9kx-xygw"},{"vulnerability":"VCID-xdyd-phps-x7d9"},{"vulnerability":"VCID-z2uh-958p-8bdc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@8.4.4-1.1~deb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/95802?format=json","purl":"pkg:deb/debian/frr@10.3-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e26-pytr-dfg8"},{"vulnerability":"VCID-4rsu-buq4-mqg1"},{"vulnerability":"VCID-5s78-2276-bbam"},{"vulnerability":"VCID-86kf-9g4x-jkgs"},{"vulnerability":"VCID-ak6d-y7f2-gbay"},{"vulnerability":"VCID-d3ht-2jch-qqfk"},{"vulnerability":"VCID-duhv-qc6g-ebcr"},{"vulnerability":"VCID-gfnp-84dc-pkcg"},{"vulnerability":"VCID-jjb7-va26-puhm"},{"vulnerability":"VCID-kve7-5efk-yfbh"},{"vulnerability":"VCID-t56j-cqpc-1kac"},{"vulnerability":"VCID-wmgu-n9kx-xygw"},{"vulnerability":"VCID-xdyd-phps-x7d9"},{"vulnerability":"VCID-z2uh-958p-8bdc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/195370?format=json","purl":"pkg:deb/debian/frr@10.3-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e26-pytr-dfg8"},{"vulnerability":"VCID-4rsu-buq4-mqg1"},{"vulnerability":"VCID-5s78-2276-bbam"},{"vulnerability":"VCID-86kf-9g4x-jkgs"},{"vulnerability":"VCID-ak6d-y7f2-gbay"},{"vulnerability":"VCID-d3ht-2jch-qqfk"},{"vulnerability":"VCID-duhv-qc6g-ebcr"},{"vulnerability":"VCID-gfnp-84dc-pkcg"},{"vulnerability":"VCID-jjb7-va26-puhm"},{"vulnerability":"VCID-kve7-5efk-yfbh"},{"vulnerability":"VCID-t56j-cqpc-1kac"},{"vulnerability":"VCID-wmgu-n9kx-xygw"},{"vulnerability":"VCID-xdyd-phps-x7d9"},{"vulnerability":"VCID-z2uh-958p-8bdc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/frr@10.3-3"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-37458.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-37458.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-37458","reference_id":"","reference_type":"","scores":[{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17911","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18008","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18006","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.1797","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17892","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-37458"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-37458","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-37458"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2465680","reference_id":"2465680","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2465680"},{"reference_url":"https://github.com/FRRouting/frr/commit/8102a8aeceb9f86fdfe1f80cd77080522bab69c8","reference_id":"8102a8aeceb9f86fdfe1f80cd77080522bab69c8","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-05T15:45:04Z/"}],"url":"https://github.com/FRRouting/frr/commit/8102a8aeceb9f86fdfe1f80cd77080522bab69c8"},{"reference_url":"https://github.com/mertsatilmaz/vulnerability-research/blob/main/advisories/CVE-2026-36365.md","reference_id":"CVE-2026-36365.md","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-05T15:45:04Z/"}],"url":"https://github.com/mertsatilmaz/vulnerability-research/blob/main/advisories/CVE-2026-36365.md"},{"reference_url":"https://usn.ubuntu.com/8376-1/","reference_id":"USN-8376-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8376-1/"}],"weaknesses":[{"cwe_id":20,"name":"Improper Input Validation","description":"The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly."}],"exploits":[],"severity_range_score":"6.5 - 6.5","exploitability":"0.5","weighted_severity":"5.9","risk_score":3.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wmgu-n9kx-xygw"}