Product

StrongSwan <= 5.9.13

2 briefs RSS

strongSwan 5.9.13 Denial-of-Service Vulnerability (CVE-2026-35333)

A denial-of-service vulnerability exists in strongSwan version 5.9.13 due to a flaw in the eap-radius plugin when built with DAE enabled, allowing remote attackers to exhaust worker threads by sending a crafted RADIUS Access-Request (CVE-2026-35333).

strongSwan <= 5.9.13 denial-of-service radius strongswan CVE-2026-35333

2r 1t 1d ago

critical advisory

strongSwan 5.9.13 libsimaka EAP-SIM/AKA Heap Buffer Overflow Vulnerability

2 rules 1 TTP

A remote exploit is available for strongSwan 5.9.13 exploiting a heap buffer overflow in the libsimaka EAP-SIM/AKA module (CVE-2026-35330), enabling pre-authentication exploitation via a malformed EAP-SIM/AKA payload.

strongSwan <= 5.9.13 strongSwan heap-overflow eap-sim eap-aka CVE-2026-35330 exploit

2r 1t 1d ago