PatchSiren

openresty CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH openresty CVE published 2026-07-10

CVE-2026-55233

CVE-2026-55233 is an out-of-bounds write vulnerability in OpenResty PROXY protocol v2 implementation. The issue exists from version 1.29.2.1 to before 1.29.2.5. When OpenResty is configured to send PROXY protocol version 2 headers to upstream servers, constructing the header in the stream proxy protocol v2 patch can write beyond the bounds of the allocated buffer, causing the worker process to crash and r [truncated]