{
  "vulnerability": "cve-2026-5001",
  "sightings": [
    {
      "uuid": "581c913b-eaeb-4b8c-b99a-369d553db310",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2026-5001",
      "type": "seen",
      "source": "https://bsky.app/profile/postac001.bsky.social/post/3mi5bewwsbl2o",
      "content": "",
      "creation_timestamp": "2026-03-28T18:32:09.484480Z"
    },
    {
      "uuid": "5cdac89c-c7f9-42d3-a900-31ebfacecf30",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2026-5001",
      "type": "seen",
      "source": "Telegram/UqVXoPD2ncgjy8FLcvETcR69G7u_bUkWuPHFuyVDBoMX-28",
      "content": "",
      "creation_timestamp": "2026-03-28T17:15:31.000000Z"
    },
    {
      "uuid": "1beeeeec-0b26-49a2-8900-4abeb927711d",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2026-50012",
      "type": "seen",
      "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mo3rm3en6x2v",
      "content": "Squid CVE-2026-47729 and CVE-2026-50012",
      "creation_timestamp": "2026-06-12T12:48:19.057082Z"
    },
    {
      "uuid": "5c11e95f-8a92-414d-bb47-8b074bdf224d",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2026-50010",
      "type": "seen",
      "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mo5i6l7zbl2i",
      "content": "CVE-2026-50010 - High severity flaw in Netty's X509TrustManager wrapper. SSLEngine discarded in trust checks, potentially enabling MITM attacks. CVSS 7.5. No patch yet. Monitor & mitigate. #CVE #Netty #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-50010/",
      "creation_timestamp": "2026-06-13T05:05:01.937808Z"
    },
    {
      "uuid": "785fb65f-11a0-44d2-a687-abdddc04b003",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2026-50011",
      "type": "seen",
      "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mo7v26kzmj2v",
      "content": "\ud83d\udfe0 CVE-2026-50011 - High (7.5)\n\nNetty is a network application framework for development of protocol servers and clients. Prior t...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-50011/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack",
      "creation_timestamp": "2026-06-14T04:00:33.442224Z"
    },
    {
      "uuid": "85c176c3-d56e-4ad1-b8a9-e086332176ec",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2026-50012",
      "type": "seen",
      "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3modi3vazfl2z",
      "content": "Re: Squid CVE-2026-47729 and CVE-2026-50012",
      "creation_timestamp": "2026-06-15T14:19:30.122380Z"
    },
    {
      "uuid": "ef426281-73c9-432f-8a7c-54abee137324",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2026-50011",
      "type": "seen",
      "source": "https://gist.github.com/alon710/6e083e538662dc872931a903f1bab93e",
      "content": "# CVE-2026-50011: CVE-2026-50011: Unbounded Resource Pre-Allocation in Netty Redis Codec\n\n> **CVSS Score:** 7.5\n> **Published:** 2026-06-15\n> **Full Report:** https://cvereports.com/reports/CVE-2026-50011\n\n## Summary\nAn uncontrolled resource pre-allocation flaw in the Netty Redis codec module allows remote unauthenticated attackers to cause a denial of service (OutOfMemoryError) by sending a crafted Redis Serialization Protocol (RESP) array header.\n\n## TL;DR\nRemote, unauthenticated attackers can crash Netty-based Redis servers by sending a 13-byte RESP array header containing a large declared array length, triggering an immediate OutOfMemoryError.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-770\n- **Attack Vector**: Network (AV:N)\n- **CVSS v3.1 Base Score**: 7.5 (High)\n- **Exploit Maturity**: Proof of Concept\n- **Impact Category**: Availability (Denial of Service)\n- **CISA KEV Status**: Not Listed\n\n## Affected Systems\n\n- io.netty:netty-codec-redis\n- **netty-codec-redis**: < 4.1.135.Final (Fixed in: `4.1.135.Final`)\n- **netty-codec-redis**: >= 4.2.0.Final, < 4.2.15.Final (Fixed in: `4.2.15.Final`)\n\n## Mitigation\n\n- Upgrade Netty library dependencies to the patched versions.\n- Deploy a custom Netty pipeline validation handler to drop connections presenting excessive array headers.\n\n**Remediation Steps:**\n1. Open the build configuration file (e.g., pom.xml or build.gradle) of the affected project.\n2. Identify the 'io.netty:netty-codec-redis' dependency.\n3. Update the version definition to '4.1.135.Final' or '4.2.15.Final' depending on the current active release branch.\n4. Rebuild the application and verify that transitively resolved Netty core dependencies are aligned.\n5. Deploy the updated binaries to production environments.\n\n## References\n\n- [GitHub Security Advisory GHSA-5w86-c3rq-vjj7](https://github.com/netty/netty/security/advisories/GHSA-5w86-c3rq-vjj7)\n- [Netty 4.1.135.Final Release Notes](https://github.com/netty/netty/releases/tag/netty-4.1.135.Final)\n- [Netty 4.2.15.Final Release Notes](https://github.com/netty/netty/releases/tag/netty-4.2.15.Final)\n- [NVD CVE-2026-50011 Detail](https://nvd.nist.gov/vuln/detail/CVE-2026-50011)\n- [CVE.org Authority Record](https://www.cve.org/CVERecord?id=CVE-2026-50011)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-50011) - Automated Vulnerability Intelligence*",
      "creation_timestamp": "2026-06-15T23:11:08.000000Z"
    },
    {
      "uuid": "ed1e14d7-911a-43d8-ba1d-c6c05c728ef8",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "cve-2026-50010",
      "type": "seen",
      "source": "https://gist.github.com/alon710/f42a6954ca4bbe69929b54a65ee51645",
      "content": "# CVE-2026-50010: CVE-2026-50010: Hostname Verification Bypass in Netty TLS Client\n\n> **CVSS Score:** 7.5\n> **Published:** 2026-06-15\n> **Full Report:** https://cvereports.com/reports/CVE-2026-50010\n\n## Summary\nA critical hostname verification bypass vulnerability exists in the Netty network application framework when configured as a TLS client. When a developer registers a custom plain X509TrustManager, Netty wraps it inside an X509TrustManagerWrapper to adapt it to the X509ExtendedTrustManager API. However, this wrapper discards the SSLEngine context, bypassing critical hostname checks. Because the wrapper is identified as an X509ExtendedTrustManager, standard cryptographic engines and Netty's OpenSSL wrappers do not re-wrap it, failing to execute any hostname validation. Consequently, clients silently accept certificates for any host, enabling unauthenticated Man-in-the-Middle (MitM) attacks.\n\n## TL;DR\nNetty silently bypasses TLS hostname verification when custom plain X509TrustManagers are used, exposing clients to unauthenticated Man-in-the-Middle (MitM) traffic interception.\n\n## Technical Details\n\n- **CWE ID**: CWE-347 (Improper Verification of Cryptographic Signature)\n- **Attack Vector**: Network (AV:N)\n- **Attack Complexity**: Low (AC:L)\n- **CVSS v3.1 Score**: 7.5 (High)\n- **EPSS Score**: 0.00196 (0.20% probability of exploit in next 30 days)\n- **Exploit Status**: None / Unweaponized\n- **CISA KEV Status**: Not Listed\n\n## Affected Systems\n\n- Netty Client Configurations\n- Java Applications using Netty-Handler with custom trust managers\n- **netty-handler**: < 4.1.135.Final (Fixed in: `4.1.135.Final`)\n- **netty-handler**: >= 4.2.0.Final, < 4.2.15.Final (Fixed in: `4.2.15.Final`)\n\n## Mitigation\n\n- Upgrade the Netty library to a patched version (4.1.135.Final or 4.2.15.Final).\n- Refactor custom trust managers to explicitly extend X509ExtendedTrustManager and perform manual hostname verification.\n- Inject a post-handshake ChannelHandler to programmatically verify the peer certificate hostname.\n- Implement network-level segmentation or mTLS proxies to secure transit paths.\n\n**Remediation Steps:**\n1. Identify all direct and transitive dependencies on netty-handler within the project build files (e.g., pom.xml or build.gradle).\n2. Update the Netty version property to 4.1.135.Final (for 4.1.x) or 4.2.15.Final (for 4.2.x).\n3. Audit custom usage of SslContextBuilder.forClient().trustManager(...) to verify whether plain X509TrustManager implementations are passed.\n4. Where custom plain trust managers are used, refactor them to extend X509ExtendedTrustManager.\n5. Rebuild the application and deploy to staging environments for TLS handshake verification testing.\n6. Run automated vulnerability scanning to confirm the absence of vulnerable Netty jars.\n\n## References\n\n- [Official Netty Security Advisory (GHSA-c653-97m9-rcg9)](https://github.com/netty/netty/security/advisories/GHSA-c653-97m9-rcg9)\n- [Netty 4.1.135.Final Release Notes](https://github.com/netty/netty/releases/tag/netty-4.1.135.Final)\n- [Netty 4.2.15.Final Release Notes](https://github.com/netty/netty/releases/tag/netty-4.2.15.Final)\n- [CVE.org Record](https://www.cve.org/CVERecord?id=CVE-2026-50010)\n- [Wiz Vulnerability Database Analysis](https://www.wiz.io/vulnerability-database/cve/cve-2026-50010)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-50010) - Automated Vulnerability Intelligence*",
      "creation_timestamp": "2026-06-15T23:41:15.000000Z"
    },
    {
      "uuid": "f855ee25-5896-4a89-bc21-a2574b64022f",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2026-50012",
      "type": "seen",
      "source": "https://bsky.app/profile/canartuc.com/post/3moeii64hu42s",
      "content": "Squid 7.6 fixes CVE-2026-47729, an OOB read in the FTP gateway that a hostile upstream FTP server can trigger, plus CVE-2026-50012, a heap overflow in cache digests when built with --enable-cache-digests. Two memory bugs at the proxy edge. Do you still need FTP gatewaying enabled at all?\n#security",
      "creation_timestamp": "2026-06-15T23:59:01.942449Z"
    },
    {
      "uuid": "207ceb6c-a06c-47f1-aafa-b933b39e4786",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2026-50012",
      "type": "seen",
      "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3mohbcixrys25",
      "content": "\u30d7\u30ed\u30ad\u30b7\u30b5\u30fc\u30d0\u30fcSquid \u304cFTP\u30b2\u30fc\u30c8\u30a6\u30a7\u30a4\u306e\u5883\u754c\u5916\u8aad\u307f\u53d6\u308a\uff08CVE-2026-47729\uff09\u3068cache_digest\u306e\u30d2\u30fc\u30d7\u30d0\u30c3\u30d5\u30a1\u30aa\u30fc\u30d0\u30fc\u30d5\u30ed\u30fc\uff08CVE-2026-50012\uff09\u306e\u8106\u5f31\u6027\u3092\u4fee\u6b63\nrocket-boys.co.jp/security-mea...\n\n#\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56Lab #security #securitynews",
      "creation_timestamp": "2026-06-17T02:28:38.668264Z"
    },
    {
      "uuid": "72565889-0c9b-43c2-970d-9f68af7c4a35",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2026-50012",
      "type": "seen",
      "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mom6yzwqbv2l",
      "content": "Re: Squid CVE-2026-47729 and CVE-2026-50012",
      "creation_timestamp": "2026-06-19T01:30:48.102200Z"
    },
    {
      "uuid": "b7233122-76e4-4a2d-b678-3d6ed28182ab",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2026-50012",
      "type": "seen",
      "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mouihvhsbc2y",
      "content": "Re: Squid CVE-2026-47729 and CVE-2026-50012",
      "creation_timestamp": "2026-06-22T08:41:28.684013Z"
    },
    {
      "uuid": "100befca-7304-4711-9d78-46b11b0f0bd6",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2026-50012",
      "type": "seen",
      "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3moxdr42ned2t",
      "content": "\ud83d\udd17 CVE : CVE-2026-47729, CVE-2026-50012",
      "creation_timestamp": "2026-06-23T11:55:07.829596Z"
    }
  ]
}