🟠 High | Source: Microsoft Security Response Center
CVE-2026-58058 is an integer underflow vulnerability in Nmap’s IPv6 extension header parsing logic. An attacker could craft a malicious IPv6 packet or response that triggers unexpected behaviour during a network scan, possibly leading to a crash or code execution within the scanning process. This matters because Nmap is widely used by security and operations teams to discover and audit cloud and on-premises infrastructure.
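The bug class named above, shown as an added example: a bounds-checked walk over an IPv6 extension header chain, with the unchecked unsigned subtraction noted in a comment. This is not Nmap's code, and the advisory text here does not say where the defect sits; the function name, the sample packets and the chain-length cap are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed samples: bytes that follow the 40-byte fixed IPv6 header. */
static const uint8_t ok_pkt[]    = {6, 0, 0,0,0,0,0,0, 0xde,0xad,0xbe,0xef}; /* hop-by-hop, then TCP */
static const uint8_t short_pkt[] = {6, 3, 0,0,0,0,0,0}; /* claims 32 bytes, only 8 present */
static const uint8_t chain_pkt[] = {44,0,0,0,0,0,0,0, 17,0,0,0,0,0,0,0}; /* hop-by-hop, fragment, UDP */

/* Hop-by-hop (0), routing (43) and destination options (60) share the
 * RFC 8200 layout: next header, then length in 8-byte units minus one. */
static int is_generic_ext(uint8_t nh) { return nh == 0 || nh == 43 || nh == 60; }

/* Returns the offset of upper-layer data within buf and sets *proto, or -1 if malformed.
 * Any other Next Header value, AH (51) included, ends the walk in this simplified example. */
long walk_ext_headers(const uint8_t *buf, size_t len, uint8_t first_nh, uint8_t *proto)
{
    size_t off = 0;            /* invariant: off <= len */
    uint8_t nh = first_nh;
    int seen = 0;

    for (;;) {
        size_t hdr_len;
        if (is_generic_ext(nh)) {
            if (len - off < 2) return -1;              /* need both fixed fields */
            hdr_len = ((size_t)buf[off + 1] + 1) * 8;
        } else if (nh == 44) {
            hdr_len = 8;                               /* fragment header is fixed size */
        } else {
            *proto = nh;
            return (long)off;
        }
        /* Unsafe form: size_t left = len - off - hdr_len; wraps to a huge
         * value when hdr_len exceeds what is left. Compare before subtracting. */
        if (hdr_len > len - off) return -1;
        if (++seen > 16) return -1;                    /* assumed cap on chain length */
        nh = buf[off];
        off += hdr_len;
    }
}

int main(void)
{
    uint8_t p = 0;
    printf("ok=%ld\n", walk_ext_headers(ok_pkt, sizeof ok_pkt, 0, &p));
    printf("short=%ld\n", walk_ext_headers(short_pkt, sizeof short_pkt, 0, &p));
    printf("chain=%ld\n", walk_ext_headers(chain_pkt, sizeof chain_pkt, 0, &p));
    return 0;
}
```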
Security Architect’s Take: Audit your pipeline and tooling inventories for any automated or scheduled Nmap usage — particularly in Azure environments where Nmap is invoked via scripts, CI/CD pipelines, or security scanning workflows — and prioritise patching to a fixed Nmap release once available. Consider restricting Nmap execution contexts to least-privilege service accounts to limit blast radius if exploitation occurs.
Original advisory: CVE-2026-58058 Nmap - Integer Underflow in IPv6 Extension Header Parsing