IBM Aspera Buffer Overflow in asperahttpd 3.7.44.4.7
CVE-2026-8179 Published on May 27, 2026

Multiple vulnerabilities in Aspera applications.
IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a buffer overflow in the asperahttpd component. This vulnerability could allow an authenticated user to execute arbitrary code on the system.

Vendor Advisory NVD

Vulnerability Analysis

CVE-2026-8179 can be exploited with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
HIGH

Weakness Type

What is a Stack Overflow Vulnerability?

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

CVE-2026-8179 has been classified to as a Stack Overflow vulnerability or weakness.


Products Associated with CVE-2026-8179

stack.watch emails you whenever new vulnerabilities are published in IBM Aspera High Speed Transfer Endpoint or IBM Aspera High Speed Transfer Server. Just hit a watch button to start following.

IBM Aspera High Speed Transfer Endpoint
 
IBM Aspera High Speed Transfer Server
 

Affected Versions

IBM Aspera High-Speed Transfer Endpoint: IBM Aspera High-Speed Transfer Server: