Every CVE whose affected-product data names Osrg Gobgp, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (16)
CVE-2025-43971 — CVSS 8.6 (high): An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for…
CVE-2026-41642 — CVSS 7.5 (high): GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. In version 4.3.0, a remote Denial of…
CVE-2026-42285 — CVSS 7.5 (high): GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. In version 4.4.0, an unauthenticated…
CVE-2026-41643 — CVSS 7.5 (high): GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. Prior to version 4.3.0, a remote…
CVE-2026-30405 — CVSS 7.5 (high): An issue in GoBGP gobgpd v.4.2.0 allows a remote attacker to cause a denial of service via the NEXT_HOP path attribute
CVE-2026-37461 — CVSS 7.5 (high): An out-of-bounds read in the ParseIP6Extended function (/bgp/bgp.go) of gobgp v4.3.0 allows attackers to cause a Denial of Service (DoS)…
CVE-2026-7736 — CVSS 7.3 (high): A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file…
CVE-2026-7735 — CVSS 7.3 (high): A vulnerability was found in osrg GoBGP up to 4.3.0. Affected is the function PathAttributeAigp.DecodeFromBytes of the file…
CVE-2025-43972 — CVSS 6.8 (medium): An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer…
CVE-2025-43973 — CVSS 6.8 (medium): An issue was discovered in GoBGP before 3.35.0. pkg/packet/rtr/rtr.go does not verify that the input length corresponds to a situation in…
CVE-2026-7737 — CVSS 5.3 (medium): A vulnerability was identified in osrg GoBGP up to 4.3.0. Affected by this issue is the function BMPPeerUpNotification.ParseBody/BMPStatisti…
CVE-2026-7734 — CVSS 5.3 (medium): A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file…
CVE-2025-43970 — CVSS 4.3 (medium): An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that…
CVE-2026-5123 — CVSS 3.7 (low): A weakness has been identified in osrg GoBGP up to 4.3.0. This impacts the function DecodeFromBytes of the file pkg/packet/bgp/bgp.go…
CVE-2026-5122 — CVSS 3.7 (low): A security flaw has been discovered in osrg GoBGP up to 4.3.0. This affects the function DecodeFromBytes of the file pkg/packet/bgp/bgp.go…
CVE-2026-5124 — CVSS 3.7 (low): A security vulnerability has been detected in osrg GoBGP up to 4.3.0. Affected is the function BGPHeader.DecodeFromBytes of the file…