Known Vulnerabilities for Quic by Quic Project
Listed below are 1 of the newest known vulnerabilities associated with "Quic" by "Quic Project".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-53622 json | Traefik is an HTTP reverse proxy and load balancer. Prior to 3.7.3, there is a critical vulnerability in Traefik's HTTP/3 (QU... | Not Provided | 2026-06-23 | 2026-06-30 |
| CVE-2026-50009 json | Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, Nett... | Not Provided | 2026-06-12 | 2026-06-12 |
| CVE-2026-45446 json | Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) mishandle the authentication of AAD (Addi... | Not Provided | 2026-06-09 | 2026-06-10 |
| CVE-2026-42764 json | Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QU... | Not Provided | 2026-06-09 | 2026-06-10 |
| CVE-2026-42530 json | NGINX Open Source has a vulnerability in the ngx_http_v3_module module. When NGINX Open Source is configured to use the HTTP... | Not Provided | 2026-06-17 | 2026-06-30 |
| CVE-2026-40898 json | quic-go is an implementation of the QUIC protocol in Go. Prior to version 0.59.1, an attacker can cause excessive memory allo... | Not Provided | 2026-06-04 | 2026-06-04 |
| CVE-2026-40460 json | When NGINX Plus or NGINX Open Source are configured to use the HTTP/3 QUIC module, an attacker may be able to spoof their so... | Not Provided | 2026-05-13 | 2026-05-13 |
| CVE-2026-40211 json | An attacker can send crafted DNS over HTTP/3 queries, triggering an exception that prevents some buffer from being freed righ... | Not Provided | 2026-06-25 | 2026-06-25 |
| CVE-2026-40170 json | ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2_qlog_parameters_set_transport_par... | Not Provided | 2026-04-16 | 2026-06-30 |
| CVE-2026-35579 json | CoreDNS is a DNS server written in Go. In versions prior to 1.14.3, the gRPC, QUIC, DoH, and DoH3 transport implementations i... | Not Provided | 2026-05-05 | 2026-06-30 |