CVE-2026-7735

Daily digests

An attacker can remotely send a crafted AIGP (Accumulated IGP) BGP attribute that triggers a buffer overflow in GoBGP's packet parser. This could crash the daemon or potentially allow code execution. No authentication is needed, so any peer, or anything spoofing a peer, could fire this off.

• Daily Digest · May 4, 2026

  GoBGP crashes, Prefect + MindsDB unpatched exploits