CVE-2026-34962 — barebox version prior to 2026.04.0 contains a
CVE-2026-34962 — barebox version prior to 2026.04.0 contains a denial-of-service vulnerability in ext4 directory parsing in fs/ext4/ext4_common.c where the ext4fs_iterate_dir() function fails to validate that directory entry length values are non-zero. Attackers can supply a malicious ext4 filesyste
What This Means For You
- If your environment is affected by CWE-835, review your exposure and prioritize patching based on your environment. Monitor vendor advisories for CVE-2026-34962 updates and patches.
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-34962 | vulnerability | CVE-2026-34962 |
| CWE-835 | weakness | CWE-835 |
Written by SCW Vulnerability Desk
Source & Attribution
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | May 12, 2026 at 02:19 UTC |
This content was curated and summarized by Shimi's Cyber World for informational purposes. It is not copied or republished in full. All intellectual property rights remain with the original author and source.
Believe this infringes your rights? Submit a takedown request.
Related coverage
CVE-2026-8349 — Omec-Project Amf Vulnerability
CVE-2026-8349 — A flaw has been found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGAP Message Handler. Executing...
CVE-2026-8346 — D-Link DIR-816 1.10CNB05_R1B011D88210 Command Injection
CVE-2026-8346 — A vulnerability was detected in D-Link DIR-816 1.10CNB05_R1B011D88210. This affects the function portForward. Performing a manipulation of the argument ip_address results in command...
CVE-2026-8345 — D-Link DIR-816 1.10CNB05_R1B011D88210 Command Injection
CVE-2026-8345 — A security vulnerability has been detected in D-Link DIR-816 1.10CNB05_R1B011D88210. Affected by this issue is the function sub_445E7C of the file /goform/singlePortForward. Such...