CVE-2026-14324
MEDIUMCVSS 6.5/10
Last modified
CVE-2026-14324 is a medium-severity vulnerability rated 6.5/10 on the CVSS scale. RAOP module accepts unbounded Content-Length values and does not check the pw_array_add() return..
Description
RAOP module accepts unbounded Content-Length values and does not check the pw_array_add() return.
Metrics
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
Source: CNA advisory (CVE.org). NVD analysis pending.
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat Enterprise Linux 10 | All versions |
| Red Hat | Red Hat Enterprise Linux 8 | All versions |
| Red Hat | Red Hat Enterprise Linux 9 | All versions |
References
Timeline
- Published
- Last Modified
- Status
- Awaiting Analysis
Frequently Asked Questions
What is CVE-2026-14324?
RAOP module accepts unbounded Content-Length values and does not check the pw_array_add() return.
How severe is CVE-2026-14324?
CVE-2026-14324 has a CVSS score of 6.5/10 (MEDIUM severity).
How do I fix CVE-2026-14324?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Related CVEs from 2026
- CVE-2026-14278Rejected reason: After further coordination, CVE was determi…
- CVE-2026-1428Single Sign-On Portal System developed by WellChoose has a O…8.8
- CVE-2026-1429Single Sign-On Portal System developed by WellChoose has a R…5.4
- CVE-2026-1430The WP Lightbox 2 WordPress plugin before 3.0.7 does not san…4.8
- CVE-2026-1431The Booking Calendar plugin for WordPress is vulnerable to u…5.3
- CVE-2026-1432SQL injection vulnerability in the Buroweb platform version …9.3
- CVE-2026-14327The AR for WordPress plugin for WordPress is vulnerable to D…7.5
- CVE-2026-1433uniFLOW Universal Login Manager (ULM) Standalone contains an…4.8
- CVE-2026-14330Multiple unbounded alloca() calls in the PulseAudio protocol…5.5
- CVE-2026-14336PIA's OIDC issuer allowlist for Jenkins tokens uses a bare s…8.2
- CVE-2026-1434Omega-PSIR is vulnerable to Reflected XSS via the lang param…6.1
- CVE-2026-14340An incorrect authorization vulnerability was identified in G…5
Are you affected by CVE-2026-14324?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST
