CVE-2026-22904
Published: 09 February 2026
Description
Improper length handling when parsing multiple cookie fields (including TRACKID) allows an unauthenticated remote attacker to send oversized cookie values and trigger a stack buffer overflow, resulting in a denial‑of‑service condition and possible remote code execution.
Mitigating Controls (NIST 800-53 r5)AI
Directly remediates the stack buffer overflow vulnerability by identifying, reporting, and applying patches for improper cookie length handling.
Requires validation of cookie input lengths to prevent oversized values from triggering the buffer overflow during parsing.
Implements memory protections like stack canaries and ASLR to block exploitation of the stack buffer overflow for RCE or DoS.
Security SummaryAI
CVE-2026-22904, published on 2026-02-09, is a stack buffer overflow vulnerability stemming from improper length handling during the parsing of multiple cookie fields, including TRACKID. An unauthenticated remote attacker can supply oversized cookie values to trigger the overflow. The issue is classified under CWE-121 (Stack-based Buffer Overflow) with a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity due to its potential for high confidentiality, integrity, and availability impacts.
The attack scenario involves an unauthenticated attacker over networks with low complexity and no user interaction required. By crafting and sending HTTP requests with excessively large cookie values, the attacker can cause a stack buffer overflow, leading to a denial-of-service condition or possible remote code execution if the overflow is exploited further.
Mitigation details are available in the referenced advisory at https://certvde.com/de/advisories/VDE-2026-004.
Details
- CWE(s)
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Unauthenticated remote stack buffer overflow in cookie parsing enables exploitation of a public-facing application for DoS or potential RCE.