CVE-2026-46597

EUVD-2026-31388
An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
Affected Products (NVD)
VendorProductVersion
golangcrypto
𝑥
< 0.52.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
golang-go.crypto
bookworm
vulnerable
bullseye
postponed
forky
1:0.53.0-1
fixed
sid
1:0.53.0-1
fixed
trixie
vulnerable
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
amazon-ssm-agent
suse enterprise sap 15 SP4
3.3.4624.0-150000.5.37.1
fixed
suse enterprise sap 15 SP5
3.3.4624.0-150000.5.37.1
fixed
suse enterprise sap 15 SP6
3.3.4624.0-150000.5.37.1
fixed
suse enterprise sap 15 SP7
3.3.4624.0-150000.5.37.1
fixed
suse enterprise server 15 SP4
3.3.4624.0-150000.5.37.1
fixed
suse enterprise server 15 SP5
3.3.4624.0-150000.5.37.1
fixed
suse enterprise server 15 SP6
3.3.4624.0-150000.5.37.1
fixed
suse enterprise server 15 SP7
3.3.4624.0-150000.5.37.1
fixed
apptainer
suse enterprise server 15 SP6
1.5.1-150600.4.24.1
fixed
apptainer-sle15_6
suse enterprise server 15 SP6
1.5.1-150600.4.24.1
fixed
buildah
suse enterprise sap 15 SP7
1.35.5-150500.3.62.1
fixed
suse enterprise server 15 SP4
1.35.5-150400.3.68.1
fixed
suse enterprise server 15 SP5
1.35.5-150500.3.62.1
fixed
suse enterprise server 15 SP6
1.35.5-150500.3.62.1
fixed
suse enterprise server 15 SP7
1.35.5-150500.3.62.1
fixed
google-guest-agent
suse enterprise sap 15 SP4
20260529.00-150000.1.70.1
fixed
suse enterprise sap 15 SP5
20260529.00-150000.1.70.1
fixed
suse enterprise sap 15 SP6
20260529.00-150000.1.70.1
fixed
suse enterprise sap 15 SP7
20260529.00-150000.1.70.1
fixed
suse enterprise server 15 SP4
20260529.00-150000.1.70.1
fixed
suse enterprise server 15 SP5
20260529.00-150000.1.70.1
fixed
suse enterprise server 15 SP6
20260529.00-150000.1.70.1
fixed
suse enterprise server 15 SP7
20260529.00-150000.1.70.1
fixed
google-osconfig-agent
suse enterprise sap 15 SP4
20260615.01-150000.1.55.1
fixed
suse enterprise sap 15 SP5
20260615.01-150000.1.55.1
fixed
suse enterprise sap 15 SP6
20260615.01-150000.1.55.1
fixed
suse enterprise sap 15 SP7
20260615.01-150000.1.55.1
fixed
suse enterprise server 15 SP4
20260615.01-150000.1.55.1
fixed
suse enterprise server 15 SP5
20260615.01-150000.1.55.1
fixed
suse enterprise server 15 SP6
20260615.01-150000.1.55.1
fixed
suse enterprise server 15 SP7
20260615.01-150000.1.55.1
fixed
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
containerd
Amazon Linux 2023
0:2.2.4-1.amzn2023.0.1
fixed
containerd-debuginfo
Amazon Linux 2023
0:2.2.4-1.amzn2023.0.1
fixed
containerd-debugsource
Amazon Linux 2023
0:2.2.4-1.amzn2023.0.1
fixed
containerd-stress
Amazon Linux 2023
0:2.2.4-1.amzn2023.0.1
fixed
containerd-stress-debuginfo
Amazon Linux 2023
0:2.2.4-1.amzn2023.0.1
fixed
nerdctl
Amazon Linux 2
0:2.2.2-1.amzn2.0.3
fixed
Amazon Linux 2023
0:2.2.2-1.amzn2023.0.3
fixed
nerdctl-debuginfo
Amazon Linux 2
0:2.2.2-1.amzn2.0.3
fixed
rclone
Amazon Linux 2023
0:1.74.2-80.amzn2023
fixed
rclone-debuginfo
Amazon Linux 2023
0:1.74.2-80.amzn2023
fixed
rclone-debugsource
Amazon Linux 2023
0:1.74.2-80.amzn2023
fixed
runfinch-finch
Amazon Linux 2023
0:1.17.1-1.amzn2023.0.2
fixed
Azure Linux logo
Azure Linux Releases
Azure Package
Release
cert-manager
Azure Linux 3.0
0:1.12.15-8.azl3
fixed
cf-cli
Azure Linux 3.0
0:8.7.11-6.azl3
fixed
docker-buildx
Azure Linux 3.0
0:0.14.0-13.azl3
fixed
docker-compose
Azure Linux 3.0
0:2.27.0-11.azl3
fixed
gh
Azure Linux 3.0
0:2.62.0-16.azl3
fixed
kubernetes
Azure Linux 3.0
0:1.30.10-25.azl3
fixed
kubevirt
Azure Linux 3.0
0:1.7.1-5.azl3
fixed
moby-engine
Azure Linux 3.0
0:25.0.3-18.azl3
fixed
packer
Azure Linux 3.0
0:1.9.5-14.azl3
fixed
telegraf
Azure Linux 3.0
0:1.31.0-21.azl3
fixed