PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-10649 Red Hat CVE debrief

CVE-2026-10649 is a high-severity vulnerability in Pacemaker, a cluster resource manager. An unauthenticated remote attacker can trigger an integer overflow in the remote message decompression path: a specially crafted compressed remote message, sent before authentication completes, causes memory corruption that leads to a denial of service (DoS) in the CIB remote listener, crashing the affected service.

Vendor: Red Hat
Product: Red Hat Enterprise Linux 10
CVSS: HIGH 8.6
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-16
Original CVE updated: 2026-06-17
Advisory published: 2026-06-16
Advisory updated: 2026-06-17

Who should care

Users of Pacemaker should be aware of this vulnerability, particularly in deployments where the CIB remote listener is reachable over the network, since the flaw is triggered before authentication. The CVSS score of 8.6 indicates high severity.

Technical summary

The vulnerability is an integer overflow in Pacemaker's remote message decompression process, reachable by an unauthenticated remote attacker and resulting in memory corruption and a denial of service (DoS) condition in the CIB remote listener.

Defensive priority

High

Recommended defensive actions

  • Apply patches or updates provided by the Pacemaker maintainers or relevant vendors as soon as possible.
  • Restrict remote access to Pacemaker services, in particular the CIB remote listener, to trusted sources only; because the flaw is reachable before authentication, network restriction is the main interim control until the patch is applied.
  • Monitor Pacemaker logs and service status for signs of exploitation or anomalies, such as unexpected crashes or restarts of the CIB remote listener.

Evidence notes

The CVE record and its references provide evidence of the vulnerability's existence and details. See the CVE-2026-10649 record at cve.org and the corresponding NVD detail page for more information.

Official resources

CVE-2026-10649 was published on 2026-06-16T17:16:30.773Z and modified on 2026-06-16T19:16:30.490Z.