Primary

Context

Tor Conflux BEGIN_DIR Handling Vulnerability

Vulnerability

Patched

A vulnerability exists in Tor versions prior to 0.4.9.7, where the application can improperly manage BEGIN_DIR requests through conflux legs. This issue, identified as TROVE-2026-008, can lead to incorrect directory handling in the Tor network.

Impact

Exploitation of this vulnerability can cause improper management of directory requests, potentially disrupting normal Tor operations.

Reproduction

The vulnerability can be reproduced by sending a BEGIN_DIR command through a conflux leg on a relay that is set to accept such commands. This can be done by manipulating the circuit's state to include a conflux link and then sending the BEGIN_DIR command without a proper directory stream context.

Remediation

Users are advised to upgrade to Tor version 0.4.9.7, which addresses this vulnerability by preventing the acceptance or initiation of BEGIN_DIR commands over conflux legs.

Added: May 7, 2026, 3:20 AM

Updated: May 7, 2026, 3:20 AM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

0.6

exploitability

5.7

remediation

7.7

relevance

7.7

threat

4.8

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

0.6

exploitability

5.7

remediation

7.7

relevance

7.7

threat

4.8

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tor Conflux BEGIN_DIR Handling Vulnerability

Vulnerability

Impact

Reproduction

Remediation

Affected Products

Tor

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating