Vulnerabilities

Report: Latest: CVE-2026-42577 - Netty: epoll transport denial of service via RST on half-closed TCP connection

2026-05-13 0 views admin

CVE ID :CVE-2026-42577 Published : May 13, 2026, 7:17 p.m. | 29 minutes ago Description :Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP connections that receive a RST after being half-closed, leading to stale channels that are never cleaned up and, in some code paths, a 100% CPU busy-loop in the event loop thread. This vulnerability is fixed in 4.2.13.Final. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-42577

Severity

HIGH

Published

May 13, 2026

Attack Vector: network

🏷️ Tags

reportlatest42577nettyepolltransportdenialserviceclosedconnection

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: Latest: CVE-2026-42577 - Netty: epoll transport denial of service via RST on half-closed TCP connection

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: Update: CVE-2026-41132 - CKAN: No certificate validation on STMP connection

Report: CVE-2026-42032 - CKAN: Unauthenticated Authorization Bypass in `datastore_search_sql` - Expert Insights

Report: CVE-2026-42031 - CKAN: Unauthenticated SQL Injection and Authorization Bypass in `datastore_searc

Report: CVE-2026-41255 - CKAN: CSRF exemption primed by anonymous requests

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting