CVE-2026-8232 MEDIUM

CVE-2026-8232: Dotouch XproUPF UPF Process libvlib.so vlib_worker_loop denial of service

Vendor Dotouch
Product XproUPF
Weakness CWE-404
Published May 10, 2026
Last update May 11, 2026

CVSS base score

5.1/10
Attack vector Adjacent
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X

What the vulnerability does

01Description

A vulnerability was found in Dotouch XproUPF 2.0.0-release-088aa7c4. This impacts the function vlib_worker_loop in the library /usr/xpro/upf/tools/libs/libvlib.so of the component UPF Process. The manipulation results in denial of service. The vendor was contacted early about this disclosure.

Key dates

02Disclosure timeline

May 10, 2026 CVE published
May 11, 2026 Record updated