Null Pointer Dereference Vulnerability in HAProxy by HAProxy Technologies
CVE-2026-55204

8.7 HIGH

Key Information:

Vendor

Haproxy

Status
Vendor
CVE Published: 18 June 2026

What is CVE-2026-55204?

HAProxy, up to version 3.4.0, is susceptible to a NULL pointer dereference in the hpack_dht_insert() function in src/hpack-tbl.c. The function does not validate the return value of hpack_dht_defrag() during memory exhaustion. An attacker can exploit this by forcing dynamic table insertions under significant memory pressure, which results in a NULL pointer being dereferenced. The flaw can crash HAProxy worker processes, causing a denial of service.
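The bug class described above, as an added example that is not HAProxy source: a simplified table model showing an insert that uses a failed defrag result next to one that checks it. The names tbl, tbl_defrag, tbl_insert_unchecked, tbl_insert_checked and the fail_alloc hook are hypothetical and only stand in for the pattern.

```c
#include <stdlib.h>
#include <string.h>
/* Constructed model, not HAProxy source: live bytes are data[head..head+used). */
struct tbl { size_t head, used, size; char data[64]; };
int fail_alloc; /* hypothetical hook: 1 simulates memory exhaustion */

/* Copies the live bytes to the front of a new table; NULL if allocation fails. */
struct tbl *tbl_defrag(const struct tbl *old)
{
	struct tbl *nt = fail_alloc ? NULL : calloc(1, sizeof(*nt));
	if (!nt) return NULL;
	nt->size = sizeof(nt->data);
	memcpy(nt->data, old->data + old->head, old->used);
	nt->used = old->used;
	return nt;
}

/* Flawed pattern: the defrag result is used without a NULL test. */
int tbl_insert_unchecked(struct tbl **tp, const char *s, size_t len)
{
	struct tbl *t = *tp;
	if (len > t->size - t->used)
		return 0;                 /* no room even after compaction */
	if (len > t->size - t->head - t->used) {
		struct tbl *nt = tbl_defrag(t);
		free(t);
		*tp = t = nt;             /* NULL when the allocation failed */
	}
	memcpy(t->data + t->head + t->used, s, len); /* dereferences NULL if defrag failed */
	t->used += len;
	return 1;
}

/* Hardened pattern: reject the insert and leave the old table usable. */
int tbl_insert_checked(struct tbl **tp, const char *s, size_t len)
{
	struct tbl *t = *tp;
	if (len > t->size - t->used)
		return 0;
	if (len > t->size - t->head - t->used) {
		struct tbl *nt = tbl_defrag(t);
		if (!nt) return 0;        /* allocation failed: report, do not crash */
		free(t);
		*tp = t = nt;
	}
	memcpy(t->data + t->head + t->used, s, len);
	t->used += len;
	return 1;
}
```

In the hardened form the caller sees a failed insert and the existing table is untouched, so the process can reject the request instead of crashing.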

Affected Version(s)

haproxy 0 <= 3.4.0

haproxy 9a6d1fe3f00d86ab4ea6ea6ea0a5d48fc058a513

CVSS V4

Score: 8.7
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Tristan Madani (@TristanInSec)