MeldSecurity
Press Enter to search
CVE Database & Search →
Sign In Get Started

CVE-2026-2967

🟢 LOW

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the function getpeer of the file /src/net_builtin.c of the component TCP Sequence Number Handler. The manipulati...

Published
Feb 23, 2026
Last Modified
Feb 23, 2026
Views
8
Bookmarks
0

Description

Request Expert Review

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the function getpeer of the file /src/net_builtin.c of the component TCP Sequence Number Handler. The manipulation leads to improper verification of source of a communication channel. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitability is reported as difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Scores

CVSS 3.1 3.7
3.7
LOW
CVSS 2.0 3.7

References

github.com github.com vuldb.com vuldb.com vuldb.com

Additional Information

Source
cna@vuldb.com
State
Received

Related CVEs

CVE-2026-2971

MEDIUM

A vulnerability was found in a466350665 Smart-SSO up to 2.1.1. Affected by this issue is some unknown functionality of the file smart-sso-server/src/m...

Score: 4.3

CVE-2026-2970

MEDIUM

A vulnerability has been found in datapizza-labs datapizza-ai 0.0.2. Affected by this vulnerability is the function RedisCache of the file datapizza-a...

Score: 4.6

CVE-2026-2969

MEDIUM

A flaw has been found in datapizza-labs datapizza-ai 0.0.2. Affected is the function ChatPromptTemplate of the file datapizza-ai-core/datapizza/module...

Score: 4.7

CVE-2026-2998

HIGH

ERP developed by eAI Technologies has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a crafted DLL file in the same di...

Score: 7.8

CVE-2026-2968

LOW

A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mg_chacha20_poly1305_decrypt of the file /src/tls_chacha20.c of...

Score: 3.7

CVE-2026-2997

MEDIUM

Tronclass developed by WisdomGarden has a Insecure Direct Object Reference vulnerability. After obtaining a course ID, authenticated remote attackers...

Score: 5.4

Share CVE-2026-2967

Share on Social Media

Copy Link

Embed Code

Request Expert Analysis

Request a professional security analysis for CVE-2026-2967 from our verified experts.

Credits System

Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!

Add 3 credits for accelerated delivery

Base Cost: 8 credits
Priority Upgrade: + credits
SLA Acceleration: +3 credits
Total Cost:
Your Balance:

Insufficient Credits

You need more credits to submit this request.

Buy Credits

Report Analysis