Stack-based Buffer Overflow in Cesanta Mongoose's mDNS Record Handler
CVE-2026-5245

6.3MEDIUM

Key Information:

Vendor

Cesanta

Status
Mongoose
Vendor
CVE Published:
2 April 2026

What is CVE-2026-5245?

A stack-based buffer overflow vulnerability has been identified in Cesanta Mongoose prior to version 7.21, specifically in the mDNS Record Handler component. This vulnerability allows an attacker to manipulate the buffer argument, leading to potential remote exploitation. Although the attack complexity is deemed high, the risk is exacerbated by the public availability of the exploit. Affected users are urged to upgrade to version 7.21, which includes a patch to mitigate this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Mongoose 7.0

Mongoose 7.1

Mongoose 7.2

References

https://vuldb.com/vuln/354826
vdb-entrytechnical-description
https://vuldb.com/vuln/354826/cti
signaturepermissions-required
https://vuldb.com/submit/770103
third-party-advisory

CVSS V4

Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

the_evilsocket (VulDB User)
VulDB CNA Team
JSON
.