Known Vulnerabilities for products from Erlang
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Erlang".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-55952 json | Not Provided | 2026-07-02 | 2026-07-03 | |
| CVE-2026-55950 json | Time-of-check Time-of-use (TOCTOU) race condition vulnerability in Erlang/OTP ssl (dtls_packet_demux module) allows an unauth... | Not Provided | 2026-07-02 | 2026-07-07 |
| CVE-2026-54891 json | Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl (tls... | Not Provided | 2026-07-02 | 2026-07-07 |
| CVE-2026-54888 json | Not Provided | 2026-06-29 | 2026-06-30 | |
| CVE-2026-54887 json | Not Provided | 2026-07-02 | 2026-07-03 | |
| CVE-2026-54886 json | Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Erlang OTP ssh (ssh_sftpd module) allows an authentic... | Not Provided | 2026-07-02 | 2026-07-07 |
| CVE-2026-53426 json | Not Provided | 2026-06-29 | 2026-06-30 | |
| CVE-2026-53422 json | Not Provided | 2026-07-02 | 2026-07-03 | |
| CVE-2026-49762 json | Not Provided | 2026-06-09 | 2026-06-09 | |
| CVE-2026-49760 json | Stack-based Buffer Overflow vulnerability in Erlang OTP (erl_interface) allows Stack-based Buffer Overflow. This vulnerabili... | Not Provided | 2026-06-10 | 2026-06-15 |
| CVE-2026-49759 json | Stack-based Buffer Overflow vulnerability in Erlang OTP erts (inet_drv) allows an unauthenticated remote attacker to crash th... | Not Provided | 2026-06-10 | 2026-06-30 |
| CVE-2026-48860 json | Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl (inet_tls_dist module) allows unauthenticated bypas... | Not Provided | 2026-06-10 | 2026-06-15 |
| CVE-2026-48859 json | Observable Timing Discrepancy vulnerability in Erlang/OTP ssh (ssh_auth, ssh_options modules) allows unauthenticated remote u... | Not Provided | 2026-06-10 | 2026-06-15 |
| CVE-2026-48858 json | Server-Side Request Forgery (SSRF) vulnerability in Erlang/OTP ftp (ftp_internal module) allows FTP bounce attacks and SSRF v... | Not Provided | 2026-06-10 | 2026-06-11 |
| CVE-2026-48856 json | Sensitive Data Exposure vulnerability in Erlang OTP inets (httpc_response module) allows Retrieve Embedded Sensitive Data. T... | Not Provided | 2026-06-10 | 2026-06-15 |
| CVE-2026-48855 json | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh (ssh_sftpd module) allows File Dis... | Not Provided | 2026-06-10 | 2026-06-15 |
| CVE-2026-42791 json | Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module) allows forged OCSP responses sign... | Not Provided | 2026-05-27 | 2026-06-02 |
| CVE-2026-42790 json | Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_cert and public_key modules) allows a DNS name... | Not Provided | 2026-05-27 | 2026-06-30 |
| CVE-2026-42789 json | Improper Following of a Certificate's Chain of Trust vulnerability in Erlang OTP public_key (pubkey_cert module) allows a non... | Not Provided | 2026-05-27 | 2026-06-30 |
| CVE-2026-32147 json | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP ssh (ssh_sftpd mod... | Not Provided | 2026-04-21 | 2026-05-21 |
Known software with vulnerabilities from Erlang
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Erlang | Crypto | 1.0 |
| Application | Erlang | Erlang/otp | 17.0 |
| Application | Erlang | Otp | - |
| Application | Erlang | Rebar3 | 3.0.0 |