PatchSiren cyber security CVE debrief
CVE-2026-56099 openbsd CVE debrief
CVE-2026-56099 is an out-of-bounds read vulnerability in the mpls_do_error function within OpenBSD's sys/netmpls/mpls_input.c. This vulnerability allows remote attackers to disclose kernel stack memory by sending crafted MPLS frames with 16 labels and no Bottom-of-Stack bit set. The vulnerability was patched in OpenBSD commit 6a23123 on June 18, 2026. System administrators and security teams responsible for OpenBSD systems, especially those exposed to untrusted networks, should prioritize patching this vulnerability to prevent potential kernel stack memory disclosure.
- Vendor
- openbsd
- Product
- src
- CVSS
- MEDIUM 6.9
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-18
- Original CVE updated
- 2026-06-27
- Advisory published
- 2026-06-18
- Advisory updated
- 2026-06-27
Who should care
System administrators and security teams responsible for OpenBSD systems, especially those exposed to untrusted networks, should prioritize patching this vulnerability to prevent potential kernel stack memory disclosure. This includes teams managing OpenBSD deployments in cloud environments, data centers, or other settings where network exposure is a concern.
Technical summary
The mpls_do_error function in OpenBSD's sys/netmpls/mpls_input.c is vulnerable to an out-of-bounds read attack. By sending crafted MPLS frames with 16 labels and no Bottom-of-Stack bit set, remote attackers can exploit this vulnerability to disclose kernel stack memory. This issue was addressed in OpenBSD commit 6a23123 on June 18, 2026. The vulnerability affects OpenBSD systems prior to this commit, and system administrators should prioritize patching to prevent potential kernel stack memory disclosure.
Defensive priority
High
Recommended defensive actions
- Apply the official patch from OpenBSD (commit 6a23123) to vulnerable systems.
- Restrict access to MPLS services to trusted sources only.
- Implement network monitoring to detect suspicious MPLS traffic.
- Consider using network segmentation to limit the impact of a potential exploit.
- Regularly review and update OpenBSD systems to ensure they have the latest security patches.
- Review compensating controls for exposed systems while remediation is scheduled and verified.
- Track exceptions, retest remediated assets, and close the item only after evidence is documented.
Evidence notes
The CVE record was published on June 18, 2026, and last modified on June 27, 2026. The NVD entry is currently Analyzed. The vulnerability was patched in OpenBSD commit 6a23123 on June 18, 2026. Multiple sources, including Vulncheck and Argus Systems, have reported on this vulnerability. The CVE record and NVD entry provide additional context for this vulnerability.
Official resources
-
CVE-2026-56099 CVE record
CVE.org
-
CVE-2026-56099 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Patch
-
Mitigation or vendor reference
[email protected] - Exploit, Patch, Third Party Advisory
-
Mitigation or vendor reference
[email protected] - Third Party Advisory
-
Mitigation or vendor reference
af854a3a-2127-422b-91ae-364da2661108 - Exploit, Mailing List, Patch, Third Party Advisory
-
Mitigation or vendor reference
af854a3a-2127-422b-91ae-364da2661108 - Exploit, Mailing List, Patch, Third Party Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-06-18T20:16:15.370Z and has not been modified since then. The NVD entry is currently Analyzed.