CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ⬡ Vulnerabilities & CVEs

CVE-2026-23555 | Xen Xenstored denial of service (Nessus ID 302813 / WID-SEC-2026-0760)

VulDB Archived Mar 18, 2026 ✓ Full text saved

A vulnerability classified as critical was found in Xen . The impacted element is an unknown function of the component Xenstored . Such manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2026-23555 . The attack can only be initiated within the local network. No exploit exists. Applying a patch is advised to resolve this issue.

Full text archived locally
✦ AI Summary · Claude Sonnet


    VDB-351513 · CVE-2026-23555 · NESSUS 302813 XEN XENSTORED DENIAL OF SERVICE HISTORYDIFFRELATEJSONXMLCTI CVSS Meta Temp Score Current Exploit Price (≈) CTI Interest Score 5.5 $0-$5k 0.94 Summaryinfo A vulnerability, which was classified as critical, has been found in Xen. This affects an unknown function of the component Xenstored. Performing a manipulation results in denial of service. This vulnerability was named CVE-2026-23555. There is no available exploit. It is suggested to install a patch to address this issue. Detailsinfo A vulnerability classified as critical has been found in Xen (affected version unknown). This affects an unknown functionality of the component Xenstored. The manipulation with an unknown input leads to a denial of service vulnerability. CWE is classifying the issue as CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. This is going to have an impact on availability. The advisory is shared at xenbits.xen.org. This vulnerability is uniquely identified as CVE-2026-23555. Neither technical details nor an exploit are publicly available. The vulnerability scanner Nessus provides a plugin with the ID 302813 (Linux Distros Unpatched Vulnerability : CVE-2026-23555), which helps to determine the existence of the flaw in a target environment. Applying a patch is able to eliminate this problem. The bugfix is ready for download at xenbits.xen.org. The vulnerability is also documented in the databases at Tenable (302813) and CERT Bund (WID-SEC-2026-0760). Affected Open Source Xen Citrix Systems XenServer Productinfo Type Virtualization Software Name Xen License open-source CPE 2.3info 🔒 CPE 2.2info 🔒 CVSSv4info VulDB Vector: 🔒 VulDB Reliability: 🔍 CVSSv3info VulDB Meta Base Score: 5.7 VulDB Meta Temp Score: 5.5 VulDB Base Score: 5.7 VulDB Temp Score: 5.5 VulDB Vector: 🔒 VulDB Reliability: 🔍 CVSSv2info Vector Complexity Authentication Confidentiality Integrity Availability Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock VulDB Base Score: 🔒 VulDB Temp Score: 🔒 VulDB Reliability: 🔍 Exploitinginfo Class: Denial of service CWE: CWE-404 CAPEC: 🔒 ATT&CK: 🔒 Physical: No Local: No Remote: Partially Availability: 🔒 Status: Not defined Price Prediction: 🔍 Current Price Estimation: 🔒 0-Day Unlock Unlock Unlock Unlock Today Unlock Unlock Unlock Unlock Nessus ID: 302813 Nessus Name: Linux Distros Unpatched Vulnerability : CVE-2026-23555 Threat Intelligenceinfo Interest: 🔍 Active Actors: 🔍 Active APT Groups: 🔍 Countermeasuresinfo Recommended: Patch Status: 🔍 0-Day Time: 🔒 Patch: xenbits.xen.org Timelineinfo 03/18/2026 Advisory disclosed 03/18/2026 +0 days VulDB entry created 03/18/2026 +0 days VulDB entry last update Sourcesinfo Advisory: xenbits.xen.org Status: Confirmed CVE: CVE-2026-23555 (🔒) GCVE (CVE): GCVE-0-2026-23555 GCVE (VulDB): GCVE-100-351513 CERT Bund: WID-SEC-2026-0760 - Xen und Citrix Systems XenServer: Mehrere Schwachstellen Entryinfo Created: 03/18/2026 09:24 Updated: 03/18/2026 12:12 Changes: 03/18/2026 09:24 (51), 03/18/2026 10:58 (2), 03/18/2026 12:12 (7) Complete: 🔍 Cache ID: 99:D58:101 Discussion No comments yet. Languages: en. Please log in to comment. ◂ PreviousOverviewNext ▸
    💬 Team Notes
    Article Info
    Source
    VulDB
    Category
    ⬡ Vulnerabilities & CVEs
    Published
    Archived
    Mar 18, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗