PatchSiren cyber security CVE debrief
CVE-2026-44249 netty CVE debrief
CVE-2026-44249 is a high-severity vulnerability in Netty's netty-handler component. An incorrect masking operation in IpSubnetFilterRule.compareTo() lets an attacker bypass IPv6 subnet rules, so valid public IP addresses can get past the restrictions. The issue was patched in versions 4.1.135.Final and 4.2.15.Final.
- Vendor: netty
- Product: Unknown
- CVSS: HIGH 8.1
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-11
- Original CVE updated: 2026-06-12
- Advisory published: 2026-06-11
- Advisory updated: 2026-06-12
Who should care
Users of Netty's netty-handler component, especially those using versions prior to 4.1.135.Final and 4.2.15.Final, should be aware of this vulnerability and take steps to upgrade to a patched version.
Technical summary
The vulnerability is caused by an incorrect masking operation in IpSubnetFilterRule.compareTo(). This allows an attacker to bypass IPv6 subnet rules, potentially allowing valid public IP addresses to bypass restrictions.
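The faulty code is not reproduced on this page, so the following is an added reference example, not Netty's implementation: it shows the mask-then-compare step an IPv6 subnet rule depends on, which can be used to cross-check filter decisions against constructed addresses. The class name, method names and sample addresses are assumptions made for illustration.

```java
import java.math.BigInteger;
import java.net.InetAddress;
import java.net.UnknownHostException;

// Added reference example; class and method names are hypothetical, not Netty's.
public class Ipv6SubnetReference {

    // 128-bit mask with the top `prefix` bits set, e.g. /32 -> ffff:ffff::
    static BigInteger mask(int prefix) {
        if (prefix < 0 || prefix > 128) {
            throw new IllegalArgumentException("prefix must be 0..128");
        }
        BigInteger all = BigInteger.ONE.shiftLeft(128).subtract(BigInteger.ONE);
        return all.shiftRight(128 - prefix).shiftLeft(128 - prefix);
    }

    // Unsigned 128-bit value of an IPv6 literal (literals are parsed without DNS).
    static BigInteger toInt(String literal) throws UnknownHostException {
        byte[] raw = InetAddress.getByName(literal).getAddress();
        if (raw.length != 16) throw new IllegalArgumentException("not IPv6: " + literal);
        return new BigInteger(1, raw);
    }

    // Returns 0 when `address` lies inside network/prefix. Otherwise the sign orders
    // the rule's network against the masked address, as a sorted rule lookup needs.
    static int compare(String network, int prefix, String address) throws UnknownHostException {
        BigInteger m = mask(prefix);
        BigInteger net = toInt(network).and(m);     // normalise the rule's own address
        BigInteger masked = toInt(address).and(m);  // mask with the subnet mask
        return net.compareTo(masked);
    }

    public static void main(String[] args) throws UnknownHostException {
        // Constructed sample rules and addresses (documentation prefix 2001:db8::/32).
        String[][] cases = {
            {"2001:db8::", "32", "2001:db8:ffff::1", "inside"},
            {"2001:db8::", "32", "2001:db9::1", "outside"},
            {"2001:db8:0:8::", "61", "2001:db8:0:f::1", "inside"},   // prefix not byte-aligned
            {"2001:db8:0:8::", "61", "2001:db8:0:10::1", "outside"},
            {"2001:db8::1", "128", "2001:db8::2", "outside"},        // single-host rule
        };
        for (String[] c : cases) {
            int r = compare(c[0], Integer.parseInt(c[1]), c[2]);
            String got = r == 0 ? "inside" : "outside";
            System.out.printf("%s/%s vs %s -> %s (expected %s)%n", c[0], c[1], c[2], got, c[3]);
            if (!got.equals(c[3])) throw new AssertionError("unexpected result for " + c[2]);
        }
    }
}
```

Running the same address set through the application's own filter before and after upgrading, and comparing the decisions with this reference, shows whether any IPv6 rule is being evaluated differently from its CIDR definition.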
Defensive priority
High
Recommended defensive actions
- Upgrade to Netty version 4.1.135.Final or 4.2.15.Final or later.
- Review and update IPv6 subnet rules to ensure they are properly configured.
Evidence notes
The CVE-2026-44249 vulnerability was published on 2026-06-11 and modified on 2026-06-12.
Official resources
CVE-2026-44249 was published on 2026-06-11T22:16:56.707Z and modified on 2026-06-12T15:55:06.377Z.