Pavel-odintsov Fastnetmon — known CVE vulnerabilities
Every CVE whose affected-product data names Pavel-odintsov Fastnetmon, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (16)
CVE-2026-48691 — CVSS 9.8 (critical): FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP AS_PATH attribute encoder. In src/bgp_protocol.hpp, the…
CVE-2026-48686 — CVSS 9.8 (critical): FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI (Network Layer Reachability Information)…
CVE-2026-48687 — CVSS 9.8 (critical): FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The…
CVE-2026-48689 — CVSS 9.8 (critical): FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the dynamic_binary_buffer_t class…
CVE-2026-48692 — CVSS 8.1 (high): FastNetMon Community Edition through 1.2.9 exposes a gRPC API server on port 50052 with no authentication mechanism. The server is…
CVE-2026-48694 — CVSS 8.1 (high): FastNetMon Community Edition through 1.2.9 contains a configuration injection vulnerability in the Juniper router integration plugin. In…
CVE-2026-48695 — CVSS 8.1 (high): FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the MikroTik router integration plugin. The…
CVE-2026-48688 — CVSS 7.5 (high): FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MP_REACH_NLRI IPv6 attribute decoder. The…
CVE-2024-56073 — CVSS 7.5 (high): An issue was discovered in FastNetMon Community Edition through 1.2.7. Zero-length templates for Netflow v9 allow remote attackers to cause…
CVE-2024-56072 — CVSS 7.5 (high): An issue was discovered in FastNetMon Community Edition through 1.2.7. The sFlow v5 plugin allows remote attackers to cause a denial of…
CVE-2026-48697 — CVSS 7.4 (high): FastNetMon Community Edition through 1.2.9 does not verify TLS certificates on outbound HTTPS connections. The execute_web_request_secure()…
CVE-2026-48690 — CVSS 7.1 (high): FastNetMon Community Edition through 1.2.9 contains an integer overflow vulnerability in the packet capture buffer allocation. In…
CVE-2026-48685 — CVSS 6.5 (medium): FastNetMon Community Edition through 1.2.9 has out-of-bounds memory access because it incorrectly parses BGP path attributes with the…
CVE-2026-48684 — CVSS 6.5 (medium): FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the NetFlow v9 options template parser. In…
CVE-2026-48696 — CVSS 6.2 (medium): FastNetMon Community Edition through 1.2.9 has a buffer overflow, a different vulnerability than CVE-2026-48686 and CVE-2026-48689.
CVE-2026-48693 — CVSS 5.5 (medium): FastNetMon Community Edition through 1.2.9 is vulnerable to a local symlink attack via predictable file paths in /tmp. The statistics file…