CVE-2026-23555 | Xen Xenstored denial of service (Nessus ID 302813 / WID-SEC-2026-0760)
VulDBArchived Mar 18, 2026✓ Full text saved
A vulnerability classified as critical was found in Xen . The impacted element is an unknown function of the component Xenstored . Such manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2026-23555 . The attack can only be initiated within the local network. No exploit exists. Applying a patch is advised to resolve this issue.
Full text archived locally
✦ AI Summary· Claude Sonnet
VDB-351513 · CVE-2026-23555 · NESSUS 302813
XEN XENSTORED DENIAL OF SERVICE
HISTORYDIFFRELATEJSONXMLCTI
CVSS Meta Temp Score Current Exploit Price (≈) CTI Interest Score
5.5 $0-$5k 0.94
Summaryinfo
A vulnerability, which was classified as critical, has been found in Xen. This affects an unknown function of the component Xenstored. Performing a manipulation results in denial of service. This vulnerability was named CVE-2026-23555. There is no available exploit. It is suggested to install a patch to address this issue.
Detailsinfo
A vulnerability classified as critical has been found in Xen (affected version unknown). This affects an unknown functionality of the component Xenstored. The manipulation with an unknown input leads to a denial of service vulnerability. CWE is classifying the issue as CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. This is going to have an impact on availability.
The advisory is shared at xenbits.xen.org. This vulnerability is uniquely identified as CVE-2026-23555. Neither technical details nor an exploit are publicly available.
The vulnerability scanner Nessus provides a plugin with the ID 302813 (Linux Distros Unpatched Vulnerability : CVE-2026-23555), which helps to determine the existence of the flaw in a target environment.
Applying a patch is able to eliminate this problem. The bugfix is ready for download at xenbits.xen.org.
The vulnerability is also documented in the databases at Tenable (302813) and CERT Bund (WID-SEC-2026-0760).
Affected
Open Source Xen
Citrix Systems XenServer
Productinfo
Type
Virtualization Software
Name
Xen
License
open-source
CPE 2.3info
🔒
CPE 2.2info
🔒
CVSSv4info
VulDB Vector: 🔒
VulDB Reliability: 🔍
CVSSv3info
VulDB Meta Base Score: 5.7
VulDB Meta Temp Score: 5.5
VulDB Base Score: 5.7
VulDB Temp Score: 5.5
VulDB Vector: 🔒
VulDB Reliability: 🔍
CVSSv2info
Vector Complexity Authentication Confidentiality Integrity Availability
Unlock Unlock Unlock Unlock Unlock Unlock
Unlock Unlock Unlock Unlock Unlock Unlock
Unlock Unlock Unlock Unlock Unlock Unlock
VulDB Base Score: 🔒
VulDB Temp Score: 🔒
VulDB Reliability: 🔍
Exploitinginfo
Class: Denial of service
CWE: CWE-404
CAPEC: 🔒
ATT&CK: 🔒
Physical: No
Local: No
Remote: Partially
Availability: 🔒
Status: Not defined
Price Prediction: 🔍
Current Price Estimation: 🔒
0-Day Unlock Unlock Unlock Unlock
Today Unlock Unlock Unlock Unlock
Nessus ID: 302813
Nessus Name: Linux Distros Unpatched Vulnerability : CVE-2026-23555
Threat Intelligenceinfo
Interest: 🔍
Active Actors: 🔍
Active APT Groups: 🔍
Countermeasuresinfo
Recommended: Patch
Status: 🔍
0-Day Time: 🔒
Patch: xenbits.xen.org
Timelineinfo
03/18/2026 Advisory disclosed
03/18/2026 +0 days VulDB entry created
03/18/2026 +0 days VulDB entry last update
Sourcesinfo
Advisory: xenbits.xen.org
Status: Confirmed
CVE: CVE-2026-23555 (🔒)
GCVE (CVE): GCVE-0-2026-23555
GCVE (VulDB): GCVE-100-351513
CERT Bund: WID-SEC-2026-0760 - Xen und Citrix Systems XenServer: Mehrere Schwachstellen
Entryinfo
Created: 03/18/2026 09:24
Updated: 03/18/2026 12:12
Changes: 03/18/2026 09:24 (51), 03/18/2026 10:58 (2), 03/18/2026 12:12 (7)
Complete: 🔍
Cache ID: 99:D58:101
Discussion
No comments yet. Languages: en.
Please log in to comment.
◂ PreviousOverviewNext ▸