CVE-2026-42009

Daily digests

GnuTLS has a bug in how it reorders DTLS packets. When two packets arrive with the same sequence number, the sorting logic produces undefined behavior that can crash the process. A remote attacker can trigger this by sending duplicate-sequence DTLS packets, causing a denial of service. This only affects services using DTLS (UDP-based TLS), not standard TLS over TCP.

• Daily Digest · May 18, 2026

  PostgreSQL refint RCE + NGINX rewrite bypass