CVE-2026-4746: Heap Buffer Over-Write Vulenrabilty in timeplus-io/proton

Overview

Severity

N/A

Exploit Status

Not Exploited

Patch Tuesday

2026-Mar

Released

2026-03-27

EPSS Score

0.04% (percentile: 12.9%)

Affected Products (15)

Open Source Software

• cbl2 binutils 2.37-20 on CBL Mariner 2.0
• cbl2 boost 1.76.0-4 on CBL Mariner 2.0
• cbl2 ceph 16.2.10-11 on CBL Mariner 2.0
• cbl2 cloud-hypervisor 32.0-7 on CBL Mariner 2.0
• azl3 boost 1.83.0-2 on Azure Linux 3.0
• azl3 ceph 18.2.2-12 on Azure Linux 3.0
• cbl2 gcc 11.2.0-9 on CBL Mariner 2.0
• cbl2 nss 3.75-2 on CBL Mariner 2.0
• cbl2 python-tensorboard 2.11.0-3 on CBL Mariner 2.0
• cbl2 qt5-qtbase 5.12.11-19 on CBL Mariner 2.0
• azl3 python-tensorboard 2.16.2-6 on Azure Linux 3.0

Other

• 20600-17086
• 20598-17086

Mariner

• cbl2 grpc 1.42.0-11 on CBL Mariner 2.0
• azl3 gcc 13.2.0-7 on Azure Linux 3.0

Revision History

• 2026-03-27: Information published.