T

Torproject Security Vulnerabilities (CVE)

Explore vulnerabilities and security advisories affecting Torproject products.

6 known CVE vulnerabilities tracked

Critical
0
High
0
Medium
0
Low
6
None
0

Vulnerabilities By Year

6
2026

Products Affected

Tor 6

All Torproject CVEs

Recent Highest Score Oldest
CVE-2026-44603
3.7 low

Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007.

Tor May 7, 2026
CVE-2026-44602
3.7 low

Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TROVE-2026-006.

Tor May 7, 2026
CVE-2026-44601
3.7 low

Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROVE-2026-009.

Tor May 7, 2026
CVE-2026-44600
3.7 low

Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010.

Tor May 7, 2026
CVE-2026-44599
3.7 low

Tor before 0.4.9.7 can attempt or accept BEGIN_DIR via conflux legs, aka TROVE-2026-008.

Tor May 7, 2026
CVE-2026-44597
3.7 low

Tor before 0.4.9.7 has an out-of-bounds read when an END, a TRUNCATE, or a TRUNCATED cell lacks a reason in its payload, aka TROVE-2026-011.

Tor May 7, 2026