CVE Watchtower


← Back to CVE List

CVE-2026-35505NVD

Vulnerability Summary

An unauthenticated remote attacker can repeatedly send crafted connection requests to leak memory. In single-process deployments the memory grows until the service is killed and the port stops responding until restart.
Severity Level
HIGH(7.5)
Published Date
Jun 30, 2026
Last Modified
Jul 1, 2026
Exploitation Status
No confirmed exploitation yet
EPSS Score (30-Day)
0.38%Probability
Root Weakness (CWE)
N/A
CVSS v3.1 Base Metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone