CyberRota
← Ana sayfaya dön

CVE-2026-45287

MEDIUM · CVSS 5.5 EPSS %0.17 Public Exploit

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-04T16:16:38.690 · Çekilme zamanı: 2026-06-30T12:10:07.447839+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

Public Exploit Sinyali

Bu CVE için açıklama veya referanslarda public exploit / PoC / GitHub / Metasploit sinyali tespit edildi.

Tespit Edilen Sinyaller
exploit
GitHub PoC Linkleri
github.com github.com github.com

Not: Bu bağlantılar yalnızca güvenlik araştırması ve doğrulama amacıyla listelenmiştir.

CVE
CVE-2026-45287
Severity
MEDIUM
CVSS
5.5
EPSS
%0.17

Orijinal NVD Açıklaması

OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, `go.opentelemetry.io/otel/schema/v1.0` and `go.opentelemetry.io/otel/schema/v1.1` leaks one file descriptor on each successful `ParseFile` call. `ParseFile` opens the schema file and passes it to `Parse` without closing it; repeated parsing in a long-running process can exhaust the process file descriptor limit and cause denial of service. Exploitation depends on a consuming application exposing repeated schema parsing to an attacker-controlled path. Version 0.0.17 contains a patch for the issue.