Every CVE whose affected-product data names Lldpd Project Lldpd, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2015-8011 — CVSS 9.8 (critical): Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of…
CVE-2023-41910 — CVSS 9.8 (critical): An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDP_TLV_ADDRESSES TLVs, a malicious actor can…
CVE-2015-8012 — CVSS 7.5 (high): lldpd before 0.8.0 allows remote attackers to cause a denial of service (assertion failure and daemon crash) via a malformed packet.
CVE-2020-27827 — CVSS 7.5 (high): A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to…
CVE-2021-43612 — CVSS 7.5 (high): In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via…
CVE-2026-46433 — CVSS 6.5 (medium): lldpd is an implementation of IEEE 802.1ab (LLDP). Prior to version 1.0.22, lldpd_decode() in src/daemon/lldpd.c strips 802.1Q VLAN tags…