CVE-2026-58374 | w1.fi hostapd up to 2.11 hostapd_process_ml_assoc_req links[] off-by-one
A vulnerability was found in w1.fi hostapd up to 2.11. It has been declared as critical. The affected element is the function hostapd_process_ml_assoc_req. Executing a manipulation of the argument links[] can lead to off-by-one.
This vulnerability is tracked as CVE-2026-58374. The attack is only possible within the local network. No exploit exists.
It is recommended to upgrade the affected component.VulDB Recent EntriesRead More