CVE-2026-48688 documents multiple out-of-bounds read vulnerabilities in FastNetMon Community Edition through version 1.2.9, specifically within the BGP MP_REACH_NLRI IPv6 attribute decoder. The vulnerability resides in the `decode_mp_reach_ipv6()` function in `src/bgp_protocol.cpp`, where insufficient bounds validation allows attacker-controlled input to drive memory read operations beyond allocated buffe [truncated]
FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read vulnerability in its NetFlow v9 data flowset processor. The vulnerability exists in src/netflow_plugin/netflow_v9_collector.cpp, where the Data template branch (lines 1695-1702) iterates over flow records without performing per-iteration bounds checks against the packet end pointer. In contrast, the Options template branch (lines 17 [truncated]
