[NEW] [medium] Erlang/OTP: Multiple vulnerabilities
An attacker can exploit multiple vulnerabilities in Erlang/OTP to conduct a denial of service attack, disclose information, and bypass security measures.
CSIRTS triage
- What
- Multiple vulnerabilities can be exploited to conduct denial of service attacks, disclose information, and bypass security measures.
- Who is affected
- Deployments of Erlang/OTP are affected.
- Urgency
- Remediation is necessary to mitigate the risk of denial-of-service and information disclosure.
- Action
- Update Erlang/OTP to the latest version.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch Erlang/OTP
Get an email when a new Erlang/OTP advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2194
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Low exploitation riskCVE-2026-534220.26% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 18% of all scored CVEs.
- Low exploitation riskCVE-2026-548860.33% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 25% of all scored CVEs.
- Low exploitation riskCVE-2026-548870.24% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 15% of all scored CVEs.
- Low exploitation riskCVE-2026-548910.14% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 3% of all scored CVEs.
- Low exploitation riskCVE-2026-559500.38% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 30% of all scored CVEs.
- Low exploitation riskCVE-2026-559520.49% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 39% of all scored CVEs.
Referenced CVEs
| CVE | CSIRTS overview | External |
|---|---|---|
| CVE-2026-53422 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-54886 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-54887 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-54891 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-55950 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-55952 | coverage & exploitation status | NVD · CVE.org |
Same CVEs, other sources
How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.
- highCVE-2026-55952: The Erlang/OTP ssl application does not validate that the PSK identity list and binder list ca…nvd
- mediumCVE-2026-55950: Time-of-check Time-of-use (TOCTOU) race condition vulnerability in Erlang/OTP ssl (dtls_packet…nvd
- lowCVE-2026-54891: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulne…nvd
- mediumCVE-2026-54887: Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl (DTLS server) allows predicta…nvd
- mediumCVE-2026-54886: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Erlang OTP ssh (ssh_sf…nvd
- mediumCVE-2026-53422: Observable Response Discrepancy vulnerability in Erlang OTP ssh (ssh_sftpd module) allows an a…nvd
- unknownCVE-2026-54886: SSH SFTP server denial of service via extended channel data infinite loopmsrc
- unknownCVE-2026-54891: Plaintext APPLICATION_DATA injected during TLS handshake delivered to client application post-…msrc
- unknownCVE-2026-55952: TLS 1.3 server denial of service via malformed ClientHello pre-shared key extensionmsrc
Recent advisories for Erlang/OTP
A cluster of recent advisories against the same product widens the attack surface — attackers routinely chain freshly published CVEs on one product, so review these together.
- highCVE-2026-55952: The Erlang/OTP ssl application does not validate that the PSK identity list and binder list ca…nvd · 2026-07-02
- mediumCVE-2026-55950: Time-of-check Time-of-use (TOCTOU) race condition vulnerability in Erlang/OTP ssl (dtls_packet…nvd · 2026-07-02
- lowCVE-2026-54891: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulne…nvd · 2026-07-02
- mediumCVE-2026-54887: Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl (DTLS server) allows predicta…nvd · 2026-07-02
- criticalexploitedCVE-2025-32433: Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerabilitycisa-kev · 2025-06-09
More from CERT-Bund (BSI) Security Advisories
- medium[NEW] [medium] DENX U-Boot: Multiple vulnerabilities allow execution of arbitrary code and DoS2026-07-10
- medium[NEW] [medium] Samsung Android: Multiple vulnerabilities2026-07-10
- medium[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow denial of service2026-07-10
- medium[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow unspecified attack2026-07-10
- medium[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow denial of service2026-07-10