CVE-2026-37457 | FRRouting FRR 10.0 FlowSpec bgpd/bgp_flowspec_util.c bgp_flowspec_op_decode off-by-one (EUVD-2026-26703)

A vulnerability was found in FRRouting FRR 10.0. It has been declared as problematic. Impacted is the function bgp_flowspec_op_decode of the file bgpd/bgp_flowspec_util.c of the component FlowSpec. Executing a manipulation can lead to off-by-one.

This vulnerability is tracked as CVE-2026-37457. The attack is only possible within the local network. No exploit exists.

It is advisable to implement a patch to correct this issue.VulDB Recent EntriesRead More