Heap-based Buffer Overflow in socat Affects Network Communication Security
CVE-2026-56123

9.2CRITICAL

Key Information:

Vendor: Socat
Status: Socat
Vendor: CVE Published:; 25 June 2026

What is CVE-2026-56123?

Versions 1.8.0.0 to 1.8.1.1 of socat are susceptible to a heap-based buffer overflow vulnerability. This flaw arises during the parsing of the DOMAINNAME reply in SOCKS5 proxy connections, where an incorrectly handled domain name length byte can lead to an erroneous negative bytes_to_read value. This value, when converted implicitly to a size_t, results in unbounded writes to a 262-byte reply buffer, potentially allowing an attacker to overwrite adjacent heap memory and control the content that is written.

Affected Version(s)

socat 1.8.0.0

References

http://www.dest-unreach.org/socat/CHANGES

release-notespatch

https://www.vulncheck.com/advisories/socat-heap-buffer-ov...

third-party-advisory

CVSS V4

Score:

9.2

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 25, 2026
Vulnerability Reserved
Jun 18, 2026

Credit

Tristan Madani (@TristanInSec)

CVE-2026-56123 Data

JSON

Socat

What is CVE-2026-56123?

Affected Version(s)

References

CVSS V4

Timeline

Credit