CVE Tools
Sign in

CVE-2026-48685

Published: May 26, 2026Updated: May 27, 2026 Sources: CVE List NVDCWE-130
NVD MITRE
6.5CVSSMEDIUM
EPSS Score
0.3%
Top 79.1%
CISA KEV
Not in KEV
Exploits
No Known Exploits
Remediation
No Fix Available

Description

FastNetMon Community Edition through 1.2.9 has out-of-bounds memory access because it incorrectly parses BGP path attributes with the extended length flag set. In src/bgp_protocol.hpp, the parse_raw_bgp_attribute() function correctly identifies when extended_length_bit is set and sets length_of_length_field to 2, but then reads only a single byte for the attribute value length (attribute_value_length = value[2] at line 173). Per RFC 4271 Section 4.3, when the Extended Length bit is set, the Attribute Length field is two octets and the value should be read as a 16-bit big-endian integer from value[2] and value[3]. As a result, any attribute longer than 255 bytes has its length silently truncated to the low byte (e.g., 300 bytes = 0x012C is read as 0x2C = 44 bytes). The remaining 256 bytes are then misinterpreted as subsequent attributes, causing cascading parse failures and potential out-of-bounds memory access.

CVSS Vector Breakdown

AV:NAC:LPR:LUI:NS:UC:NI:NA:H
Exploitability
AV:NAttack Vector
Network
AC:LAttack Complexity
Low
PR:LPrivileges Required
Low
UI:NUser Interaction
None
Scope
S:UScope
Unchanged
Impact
C:NConfidentiality
None
I:NIntegrity
None
A:HAvailability
High
Open in CVSS calculator →

Weaknesses

CWE-130

Affected Products

fastnetmonpavel-odintsov
On-prem
Networking Infrastructure / network-management
n/an/a
pavel-odintsovindividual-devNetworking Infrastructureaka fastnetmon

Exploitability

No known exploits, KEV entries, or remediation guidance available for this vulnerability yet.

References

https://github.com/pavel-odintsov/fastnetmon
github.com
https://github.com/pavel-odintsov/fastnetmon/blob/master/src/bgp_protocol.hpp
github.com
https://lorikeetsecurity.com/blog/fastnetmon-cve-2026-48685-bgp-extended-length
lorikeetsecurity.com

Timeline

Published
May 26, 2026
Last Updated
May 27, 2026

Unlock Complete Vulnerability Intelligence

Get the full picture for CVE-2026-48685 and every CVE in our database. Create a free account — no credit card required.

Create Free Account
Plain-language analysis
Impact assessment and exploitation scenario in plain English
Attack graph visualization
Interactive attack path and kill chain mapping
Exploit details & PoC links
ExploitDB, Metasploit, GitHub PoCs with direct links
Nuclei scanner templates
Ready-to-use vulnerability scanner templates
Full remediation guide
Patch instructions, workarounds, and compliance impact
Interactive AI chat
Ask questions about this vulnerability in natural language
Related vulnerabilities
Semantically similar CVEs and attack patterns
REST API & MCP access
Integrate vulnerability data into your workflows