{"uuid": "cd2e06a5-a50d-4ecf-97d1-29da3a3f9478", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49494", "type": "seen", "source": "https://gist.github.com/ichintu/1fa73ee279a0b98b9904fc693266bdeb", "content": "**CVE-2026-49494 \u2013 Comodo Inspect.sys IPv6 Integer Underflow**\n\nComodo\u2019s firewall driver (Inspect.sys) performs an unsigned subtraction of IPv6 extension\u2011header lengths from a 64\u2011bit payload length without bounds checking. This can underflow, yielding a very large value processed before rule enforcement. An attacker can send a single crafted IPv6 packet to any protected Windows system, causing out\u2011of\u2011bounds reads and a massive memcpy at DISPATCH_LEVEL, which crashes the OS (BSOD). The flaw is remote\u2011able, requires no authentication, and is rated **8.7\u202fHigh**. Published\u202fJuly\u202f7\u202f2026.", "creation_timestamp": "2026-06-07T16:00:13.000000Z"}