Description
An unauthenticated remote attacker can send a crafted HTTP request containing an overly long SESSIONID cookie. This can trigger a stack buffer overflow in the modified lighttpd server, causing it to crash and potentially enabling remote code execution due to missing stack protections.
INFO
Published Date :
2026-02-09T07:39:42.537Z
Last Modified :
2026-02-09T07:39:42.537Z
Source :
CERTVDE
AFFECTED PRODUCTS
The following products are affected by CVE-2026-22903 vulnerability.
No data.
REFERENCES
Here, you will find a curated list of external links that provide in-depth information to CVE-2026-22903.
| URL | Resource |
|---|---|
| https://certvde.com/de/advisories/VDE-2026-004 |
|
CVSS Vulnerability Scoring System
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact