CVE-2026-14362

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
08/07/2026
Last modified:
09/07/2026

Description

HashiCorp memberlist before version 0.6.0 is vulnerable to a denial-of-service issue in its push/pull state handling that may allow an attacker with network access to the gossip port to exhaust memory on a receiving node and cause the process to terminate. This vulnerability (CVE-2026-14362) is fixed in memberlist 0.6.0.