CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-26514

An Argument Injection vulnerability exists in bird-lg-go before commit 6187a4e. The traceroute module uses shlex.Split to parse user input without validation, allowing remote attackers to inject arbitrary flags (e.g., -w, -q) via the q parameter. This can be exploited to cause a Denial of Service (DoS) by exhausting system resources.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.7%

CVSS Severity

CVSS v3 Score 7.5

References

Products affected by CVE-2026-26514

Xddxdd » Bird-Lg-Go » Version: 1.0.0

cpe:2.3:a:xddxdd:bird-lg-go:1.0.0
Xddxdd » Bird-Lg-Go » Version: 1.1.0

cpe:2.3:a:xddxdd:bird-lg-go:1.1.0
Xddxdd » Bird-Lg-Go » Version: 1.1.1

cpe:2.3:a:xddxdd:bird-lg-go:1.1.1
Xddxdd » Bird-Lg-Go » Version: 1.2.0

cpe:2.3:a:xddxdd:bird-lg-go:1.2.0
Xddxdd » Bird-Lg-Go » Version: 1.3.0

cpe:2.3:a:xddxdd:bird-lg-go:1.3.0
Xddxdd » Bird-Lg-Go » Version: 1.3.1

cpe:2.3:a:xddxdd:bird-lg-go:1.3.1
Xddxdd » Bird-Lg-Go » Version: 1.3.10

cpe:2.3:a:xddxdd:bird-lg-go:1.3.10
Xddxdd » Bird-Lg-Go » Version: 1.3.11

cpe:2.3:a:xddxdd:bird-lg-go:1.3.11
Xddxdd » Bird-Lg-Go » Version: 1.3.12

cpe:2.3:a:xddxdd:bird-lg-go:1.3.12
Xddxdd » Bird-Lg-Go » Version: 1.3.12.1

cpe:2.3:a:xddxdd:bird-lg-go:1.3.12.1
Xddxdd » Bird-Lg-Go » Version: 1.3.2

cpe:2.3:a:xddxdd:bird-lg-go:1.3.2
Xddxdd » Bird-Lg-Go » Version: 1.3.2.1

cpe:2.3:a:xddxdd:bird-lg-go:1.3.2.1
Xddxdd » Bird-Lg-Go » Version: 1.3.2.2

cpe:2.3:a:xddxdd:bird-lg-go:1.3.2.2
Xddxdd » Bird-Lg-Go » Version: 1.3.3

cpe:2.3:a:xddxdd:bird-lg-go:1.3.3
Xddxdd » Bird-Lg-Go » Version: 1.3.4

cpe:2.3:a:xddxdd:bird-lg-go:1.3.4
Xddxdd » Bird-Lg-Go » Version: 1.3.5

cpe:2.3:a:xddxdd:bird-lg-go:1.3.5
Xddxdd » Bird-Lg-Go » Version: 1.3.6

cpe:2.3:a:xddxdd:bird-lg-go:1.3.6
Xddxdd » Bird-Lg-Go » Version: 1.3.7

cpe:2.3:a:xddxdd:bird-lg-go:1.3.7
Xddxdd » Bird-Lg-Go » Version: 1.3.7.1

cpe:2.3:a:xddxdd:bird-lg-go:1.3.7.1
Xddxdd » Bird-Lg-Go » Version: 1.3.8

cpe:2.3:a:xddxdd:bird-lg-go:1.3.8
Xddxdd » Bird-Lg-Go » Version: 1.3.9

cpe:2.3:a:xddxdd:bird-lg-go:1.3.9
Xddxdd » Bird-Lg-Go » Version: 1.4.0

cpe:2.3:a:xddxdd:bird-lg-go:1.4.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-26514

Products

Pricing

Contact Us