NVD HIGH: CVE-2026-58374 — In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 (IEEE 802.11be...
In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 (IEEE 802.11be) Multi-Link Operation (MLO) association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile subelement. In hostapd_process_ml_assoc_req() in src/ap/ieee802_11_eht.c, the received link_id field can be
CVE-2026-58374