Description
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, Envoy crashes if an ext_proc server sends a single gRPC message containing multiple, specially crafted ProcessingResponse messages. This can occur when the first response in the batch causes the gRPC stream object to be destroyed, leading to a use-after-free error when Envoy attempts to process subsequent responses in the same gRPC message. This vulnerability is fixed in 1.35.13, 1.36.9, 1.37.5, and 1.38.3.
Published: 2026-06-26
Score: 6.5 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Envoy, a widely used service proxy, experiences a use-after-free crash when an ext_proc server sends a single gRPC message that contains multiple specially crafted ProcessingResponse messages. The first response in that batch causes the gRPC stream object to be torn down, so when Envoy later attempts to process subsequent responses it dereferences freed memory. This flaw manifests as a crash, rendering the affected Envoy instance unable to process further traffic and effectively denying service. The weakness is a classic use-after-free, catalogued as CWE-416.

Affected Systems

The vulnerability affects the Envoy project (envoyproxy:envoy). Versions from 1.34.0 up to, but not including, the fixed releases 1.35.13, 1.36.9, 1.37.5, and 1.38.3 are impacted. All other tracked Envoy releases are not affected.

Risk and Exploitability

The CVSS score of 6.5 indicates medium severity. No EPSS data is available, so the likelihood of exploitation in the wild cannot be quantified. The vulnerability is not in CISA KEV, so there is no public evidence of active exploitation. The attack requires an ext_proc server that sends a crafted gRPC response; the vector is therefore a compromised or malicious ext_proc service, or an attacker able to control the traffic between Envoy and that service.

Generated by OpenCVE AI on June 26, 2026 at 19:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to the fixed Envoy release—1.35.13 for the 1.35 branch, 1.36.9 for 1.36, 1.37.5 for 1.37, and 1.38.3 for 1.38—or any newer release that includes the patch.
  • If an upgrade cannot be performed immediately, isolate or block ext_proc traffic until the patch is applied to prevent the crash from occurring.
  • Configure ext_proc servers to validate the size and integrity of the ProcessingResponse messages they emit, ensuring that no single gRPC message carries multiple responses; this defensive check can reduce risk until the upgrade is applied.

Advisories

No advisories yet.

History

Fri, 26 Jun 2026 19:30:00 +0000

Values Added (no values removed):
  • Metrics: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 26 Jun 2026 18:15:00 +0000

Values Added (no values removed):
  • Description: Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, Envoy crashes if an ext_proc server sends a single gRPC message containing multiple, specially crafted ProcessingResponse messages. This can occur when the first response in the batch causes the gRPC stream object to be destroyed, leading to a use-after-free error when Envoy attempts to process subsequent responses in the same gRPC message. This vulnerability is fixed in 1.35.13, 1.36.9, 1.37.5, and 1.38.3.
  • Title: Envoy crashes if multiple unexpected ext_proc responses are packed into one gRPC message
  • Weaknesses: CWE-416
  • References:
  • Metrics: cvssV3_1 {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}


Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-26T18:30:08.843Z

Reserved: 2026-05-18T22:25:21.257Z

Link: CVE-2026-47207

Vulnrichment

Updated: 2026-06-26T18:29:45.023Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-26T19:30:04Z

Weaknesses