Home

Description

An issue in MikroTIk (SIA Mikrotikls, Latvia) RouterOS 7.21.x before v.7.21.4 and 7.22.x before v.7.22.2 allows a remote attacker to cause a denial of service via the unflatten() function in libumsg.so.

PUBLISHED Reserved 2026-04-06 | Published 2026-07-13 | Updated 2026-07-13 | Assigner mitre

References

mikrotik.com/supportsec

zakpatrik.cz/...erflow-in-mikrotik-routeros-core-ipc-library

cve.org (CVE-2026-39042)

nvd.nist.gov (CVE-2026-39042)

Download JSON