NVD CRITICAL: CVE-2026-44603 — Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN c...

Thursday, May 7, 2026 at 04:16 AM UTC·Source: NIST NVD

Updated: Thursday, May 7, 2026 at 11:00 PM UTC

Executive Summary

Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007.

Analysis

Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007. CVSS Score: 3.7. Published: 2026-05-07T04:16:35.387.

Indicators of Compromise (2)

CVE (1)

CVE-2026-44603

NVD MITRE CVE

IPv4 (1)

0.4.9.7

VirusTotal Shodan AbuseIPDB

Source Attribution

Originally published by NIST NVD on May 7, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerability

Alipay lets shoppers delegate purchases to AI

Chinese payments giant Alipay has begun letting users authorise AI to handle payments on their behalf.

1h agoFinextra

LOWVulnerability

Cloudflare Cuts 1,100, Arctic Wolf Axes 250 Amid AI Surge

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/cloudflare-cuts-1100-arctic-wolf-axes-250-amid-ai-surge-image_small-1-a-31657.jpg" align=right hspace=4><b>Cloud Connectivity, Security Operations Providers Reportedly Chop 20%, 7% of Staff</b><br>Cloudflare cut more than 1,100 workers from its 5,483-person staff, saying the layoffs will align Cloudflare's operations with AI-drive

1h agoBank Info Security

CRITICALVulnerability

Why Hospitals Must Rethink Cyber Resilience

In the face of relentless cyberattacks that threaten patient safety, hospitals must strengthen their resilience, with clinical continuity, secure backups and coordinated recovery emerging as critical strategies, said John Riggi of the American Hospital Association and Josh Howell of Rubrik.

1h agoBank Info Security