NVD HIGH: CVE-2026-48688 — FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads...
FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MP_REACH_NLRI IPv6 attribute decoder. The function decode_mp_reach_ipv6() in src/bgp_protocol.cpp contains a TODO comment at line 156 explicitly acknowledging 'we should add sanity checks to avoid reads after attribute memory block.' The function casts raw pointers to structure types without verifying suffi
CVE-2026-48688