What is CVE-2026-44894?

CVE-2026-44894 is a high-severity vulnerability, classified under Improper Verification of Source of a Communication Channel. CVSS score: 7.5/10. Published 2026-06-12.

How severe is CVE-2026-44894?

High severity. CVSS v3 base score is 7.5 out of 10.

CVE-2026-44894

CVE-2026-44894

Netty is a network application framework for development of protocol servers and clients. NoQuicTokenHandler is the tokenHandler used when the application does not set one. Prior to version 4.2.15.Final, its writeToken() returns false (ser…

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N.

Weakness classification (CWE)

CWE-940 — Improper Verification of Source of a Communication Channel

References

security-advisories@github.com
security-advisories@github.com

Frequently asked questions

What is CVE-2026-44894?: CVE-2026-44894 is a high-severity vulnerability, classified under Improper Verification of Source of a Communication Channel. CVSS score: 7.5/10. Published 2026-06-12.
How severe is CVE-2026-44894?: High severity. CVSS v3 base score is 7.5 out of 10.