Primary

Context

FRRouting Denial-of-Service Vulnerability in MP_REACH_NLRI Component

Vulnerability

Patched

A denial-of-service vulnerability has been identified in the MP_REACH_NLRI component of FRRouting (FRR) versions stable/10.0 through stable/10.6. This vulnerability arises from missing input validation, which allows authenticated attackers to disrupt service by sending a crafted UPDATE message.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the application to become unresponsive or unavailable.

Remediation

Users can upgrade to FRRouting versions stable/10.6 or later, where this vulnerability has been addressed.

Added: May 4, 2026, 4:19 PM

Updated: May 4, 2026, 4:19 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

2.5

exploitability

6.1

remediation

7.7

relevance

7.4

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

2.5

exploitability

6.1

remediation

7.7

relevance

7.4

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

FRRouting Denial-of-Service Vulnerability in MP_REACH_NLRI Component

Vulnerability

Impact

Remediation

Affected Products

FRRouting

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating