CVE-2026-14362
MEDIUM
NVD
CVSS Score
4.9
Severity
MEDIUM
Published
Jul 08, 2026
Vendor
unknown
Description
HashiCorp memberlist before version 0.6.0 is vulnerable to a denial-of-service issue in its push/pull state handling that may allow an attacker with network access to the gossip port to exhaust memory on a receiving node and cause the process to terminate. This vulnerability (CVE-2026-14362) is fixed in memberlist 0.6.0.