CVE-2026-46433: lldpd Heap OOB Read in Azure
🟠 High | Source: Microsoft Security Response Center CVE-2026-46433 is a heap out-of-bounds read vulnerability in lldpd, the open-source Link Layer Discovery Protocol daemon, triggered during VLAN decapsulation via a flawed memmove operation. An attacker able to send crafted LLDP frames on an adjacent network could exploit this to read sensitive memory contents, potentially leaking information from affected hosts. This affects Azure environments where lldpd is running on underlying infrastructure or customer-managed VMs. ...