CVE-2026-29771
- Source
- https://cve.org/CVERecord?id=CVE-2026-29771
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-29771.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2026-29771
- Aliases
- Downstream
- Related
- Published
- 2026-03-07T15:14:38.361Z
- Modified
- 2026-04-10T05:41:40.561434Z
- Severity
-
- 8.7 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVSS Calculator
- Summary
- Netmaker: Denial of Service via Server Shutdown Endpoint
- Details
-
Netmaker makes networks with WireGuard. Prior to version 1.2.0, the /api/server/shutdown endpoint allows termination of the Netmaker server process via syscall.SIGINT. This allows any user to repeatedly shut down the server, causing cyclic denial of service with approximately 3-second restart intervals. This issue has been patched in version 1.2.0.
- Database specific
{ "cwe_ids": [ "CWE-404" ], "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/29xxx/CVE-2026-29771.json", "cna_assigner": "GitHub_M" }- References
Affected packages
Git / github.com/gravitl/netmaker
Affected ranges
- Type
- GIT
- Repo
- https://github.com/gravitl/netmaker
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
0.*
0.7
v0.*
v0.1
v0.10.0
v0.11.0
v0.11.1-testing
v0.11.1_testing
v0.12.0
v0.13.5-testing
v0.14.1
v0.14.1-testing
v0.14.2
v0.14.3
v0.14.4
v0.14.5
v0.14.6
v0.15.1
v0.15.2
v0.16.0
v0.16.1
v0.16.2
v0.17.0
v0.18.0
v0.18.1
v0.18.2
v0.18.3
v0.18.4
v0.18.6
v0.18.7
v0.19.0
v0.20.0
v0.20.1
v0.20.2
v0.20.3
v0.20.4
v0.20.5
v0.20.6
v0.21.0
v0.21.1
v0.21.2
v0.22.0
v0.23.0
v0.24.0
v0.24.1
v0.24.2
v0.24.3
v0.25.0
v0.26.0
v0.3
v0.30.0
v0.5
v0.7
v0.7.1
v0.8.0
v0.9.0
v0.9.1
v0.9.2
v0.9.3
v0.9.4
v0.90.0
v0.99.0
v1.*
v1.0.0
v1.1.0