← All CVEs

CVE-2026-12549

MEDIUM 4.8

Published 2026-06-22 · Last modified 2026-06-23

The fix for CVE-2026-2443 was regressed by a subsequent rework commit that replaced specific overflow checks with a general signed comparison. When a client sends a Range request with a suffix length exceeding the content size, the resulting negative start value is not properly clamped, leading to malformed HTTP 206 responses and log flooding.

NO EXPLOITATION SIGNALS

No known exploitation, public exploit, or elevated probability at this time. Track for changes.

Exploitation likelihood

0.3%chance of exploitation in 30 days · 23rd percentile

○ In CISA KEV ○ Public exploit / PoC

Impact if exploited

4.8CVSS 3.1 · MEDIUM

  • ConfidentialityLow
  • IntegrityNone
  • AvailabilityLow

What an attacker needs

  • Access: Reachable over the network — no local access needed
  • Privileges: No account or privileges required
  • User interaction: No user interaction needed
  • Complexity: Needs a race window or specific setup

✓ lowers the bar for an attacker · ⚠ raises it

Affected

Vendors Red Hat

Products Red Hat Enterprise Linux 10 Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 9

Weakness (CWE)

  • CWE-805

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

Sources: NVD · CVE.org · EPSS