CVE-2026-48688

Source
https://cve.org/CVERecord?id=CVE-2026-48688
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-48688.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-48688
Downstream
Published
2026-05-26T00:00:00Z
Modified
2026-07-08T08:13:39.002812369Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MPREACHNLRI IPv6 attribute decoder. The function decodempreachipv6() in src/bgpprotocol.cpp contains a TODO comment at line 156 explicitly acknowledging 'we should add sanity checks to avoid reads after attribute memory block.' The function casts raw pointers to structure types without verifying sufficient data exists (line 158), uses the attacker-controlled lengthofnexthop field to determine memcpy size (line 181), and computes prefixlength by dereferencing a pointer calculated from multiple attacker-controlled offsets without bounds validation (line 189). The prefixlength is then used to calculate numberofbytesrequiredforprefix which becomes a memcpy length (line 202) with no check against remaining buffer size.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/48xxx/CVE-2026-48688.json",
    "cna_assigner": "mitre"
}
References

Affected packages

Git / github.com/pavel-odintsov/fastnetmon

Affected ranges

Type
GIT
Repo
https://github.com/pavel-odintsov/fastnetmon
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "source": [
        "DESCRIPTION",
        "CPE_RANGE"
    ],
    "cpe": "cpe:2.3:a:pavel-odintsov:fastnetmon:*:*:*:*:community:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.2.9"
        },
        {
            "last_affected": "1.2.9"
        }
    ]
}

Affected versions

v1.*
v1.0.0
v1.1.0
v1.1.2
v1.1.3
v1.1.4
v1.1.5
v1.1.6
v1.1.7
v1.1.8
v1.1.9
v1.2.0
v1.2.1
v1.2.2
v1.2.3
v1.2.4
v1.2.5
v1.2.6
v1.2.7
v1.2.8

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-48688.json"