CVE-2026-23826
Analyzed
Analyzed - Analysis Complete
BaseFortify
Vulnerability report for CVE-2026-23826, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-05-12
Last updated on: 2026-05-15
Assigner: Hewlett Packard Enterprise (HPE)
Description
Description
A vulnerability in a network management service of AOS-8 Operating System could allow an unauthenticated remote attacker to exploit this vulnerability by sending specially crafted network packets to the affected device, potentially resulting in a denial-of-service condition. Successful exploitation could cause the affected service process to terminate unexpectedly, disrupting normal device operations.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| arubanetworks | arubaos | From 6.5.4.0 (inc) to 8.10.0.22 (exc) |
| arubanetworks | arubaos | From 8.11.0.0 (inc) to 8.12.0.7 (exc) |
| arubanetworks | arubaos | From 8.13.0.0 (inc) to 8.13.1.2 (exc) |
| arubanetworks | sd-wan | From 8.6.0.4-2.2.0.0 (inc) to 8.6.0.4-2.2.0.7 (inc) |
| arubanetworks | sd-wan | From 8.7.0.0-2.3.0.0 (inc) to 8.7.0.0-2.3.0.9 (inc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-770 | The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated. |
