CVE-2026-45678
EUVD-2026-3395202.06.2026, 16:16
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Postgres protocol parser assumes BIND message payloads contain a valid NUL-terminated portal name. A crafted empty or unterminated payload can make OBI slice beyond the end of the captured buffer and panic. This issue has been patched in version 0.9.0.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| opentelemetry | ebpf_instrumentation | 𝑥 < 0.9.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References