CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Erlang security advisory (AV26-651)

unknown
Serial number: AV26-651 Date: July 3, 2026 On July 2, 2026, Erlang published security advisories to address vulnerabilities in the following products: OTP – versions prior to 27.3.4.14, 28.5.0.3 and 29.0.3 SSL (OTP) – versions prior to 11.7.3, 11.6.0.3 and 11.2.12.10 The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates. Denial-of-Service for TLS-1.3 server Using Session Tickets DTLS Denial of Service Erlang Security

CSIRTS triage

What
Vulnerabilities in Erlang can cause denial-of-service for TLS-1.3 servers using session tickets and DTLS.
Who is affected
Deployments of Erlang versions prior to the specified versions are affected.
Urgency
Remediation is important to prevent denial-of-service attacks.
Action
Update Erlang to the specified versions or later.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch Erlang

Get an email when a new Erlang advisory drops — max one per day, one-click unsubscribe.

Details

Source
Canadian Centre for Cyber Security (CA · national-cert · site)
Severity
unknown
Published
2026-07-03
Exploitation
Not in CISA KEV at last sync

Original advisory: https://cyber.gc.ca/en/alerts-advisories/erlang-security-advisory-av26-651

More from Canadian Centre for Cyber Security