Cyber Resilience

CVE-2026-37457

Severity: High
Published: 01 May 2026
Modified: 29 May 2026
KEV Added: not listed (not in the CISA KEV catalog)
Patch: available
CVSS Score (v3.1): 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0006 (18.1st percentile)
Risk Priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2026-37457 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in FRRouting (FRR). Its CVSS v3.1 base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The vulnerability ranks at the 18.1st percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-37457 is an off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode() function within bgpd/bgp_flowspec_util.c of FRRouting (FRR) stable/10.0. Published on 2026-05-01, this flaw enables attackers to cause a Denial of Service (DoS) by supplying a crafted FlowSpec component. It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and maps to CWE-787 (Out-of-bounds Write).

The vulnerability is exploitable remotely over the network by unauthenticated attackers, with low attack complexity and no user interaction required. Exploitation triggers an out-of-bounds write that crashes the affected FRR bgpd process, a high-impact denial of service on the routing service.

Mitigation is provided through a patch in the FRR repository, as documented in the commit at https://github.com/FRRouting/frr/commit/0e6882bc72c0278988a47b2f0f73b7a91099a25c. Security practitioners should apply this fix to FRR stable/10.0 instances exposed to untrusted BGP peers handling FlowSpec updates.

EU & UK References

Vulnerability details

An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode() function (bgpd/bgp_flowspec_util.c) of FRRouting (FRR) stable/10.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted FlowSpec component.

CWE(s)

CWE-787 Out-of-bounds Write

Related Threats

MITRE ATT&CK Enterprise Techniques

T1499.004 Application or System Exploitation (Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

The off-by-one out-of-bounds write in bgpd enables remote unauthenticated attackers to crash the routing process via crafted FlowSpec input, directly facilitating Endpoint Denial of Service through application exploitation.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-24422 (shared CWE-787)
CVE-2026-41989 (shared CWE-787)
CVE-2025-13151 (shared CWE-787)
CVE-2020-37208 (shared CWE-787)
CVE-2026-43656 (shared CWE-787)
CVE-2025-24326 (shared CWE-787)
CVE-2021-47786 (shared CWE-787)
CVE-2019-25478 (shared CWE-787)
CVE-2026-27853 (shared CWE-787)
CVE-2026-24827 (shared CWE-787)

Affected Assets

Vendor: frrouting
Product: frrouting
Version: 10.0

Mitigating Controls (NIST 800-53 r5)

SI-2 Flaw Remediation (prevent)
Mandates timely identification, reporting, and correction of software flaws like the off-by-one out-of-bounds write in FRR's bgp_flowspec_op_decode() to prevent DoS crashes from crafted FlowSpec components.

SI-16 Memory Protection (prevent)
Deploys memory protection mechanisms such as stack canaries and non-executable memory to mitigate out-of-bounds writes that cause bgpd process crashes in FRRouting.

Input validation (prevent)
Enforces validation of untrusted BGP FlowSpec inputs to block malformed components that exploit the decoding vulnerability leading to DoS.

References