MEDIUM🇵🇱 Wersja polska

CVE-2026-45676

CVSS 5.5v3.1pub. 2026-06-02upd. 2026-06-03

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI's replacement ELF parser trusts section offsets, counts, and string offsets from the executable file. A crafted local ELF can make OBI dereference invalid section pointers or slice past string tables, causing the agent to panic while determining the process language. This issue has been patched in version 0.9.0.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • Opentelemetry Ebpf Instrumentation

    APP
    Opentelemetry
    < 0.9.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-45678HIGH7.5ten sam produkt

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to...

CVE-2026-45685HIGH7.5ten sam produkt

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From ver...

CVE-2026-45686HIGH7.5ten sam produkt

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From ver...

CVE-2026-45681MEDIUM5.9ten sam produkt

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to...

CVE-2026-45682MEDIUM5.1ten sam produkt

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to...