{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-46448", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-06-17T12:17:30.606Z", "dateReserved": "2026-05-14T00:00:00.000Z", "datePublished": "2026-06-16T00:00:00.000Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Nova", "vendor": "OpenStack", "versions": [{"lessThan": "31.3.1", "status": "affected", "version": "18.0.0", "versionType": "semver"}, {"lessThan": "32.2.1", "status": "affected", "version": "32.0.0", "versionType": "semver"}, {"lessThan": "33.0.2", "status": "affected", "version": "33.0.0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "value": "In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-669", "description": "CWE-669 Incorrect Resource Transfer Between Spheres", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-06-16T19:06:32.026Z"}, "references": [{"url": "https://bugs.launchpad.net/nova/+bug/2151252"}, {"url": "https://www.openwall.com/lists/oss-security/2026/06/16/5"}], "x_generator": {"engine": "enrichogram 0.0.1"}, "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", "versionStartIncluding": "18.0.0", "versionEndExcluding": "31.3.1"}, {"vulnerable": true, "criteria": "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", "versionStartIncluding": "32.0.0", "versionEndExcluding": "32.2.1"}, {"vulnerable": true, "criteria": "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", "versionStartIncluding": "33.0.0", "versionEndExcluding": "33.0.2"}]}]}]}, "adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/06/16/5"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-06-16T19:16:38.300Z"}}, {"references": [{"url": "https://bugs.launchpad.net/nova/+bug/2151252", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-06-17T12:17:00.108810Z", "id": "CVE-2026-46448", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-17T12:17:30.606Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2026/06/16/5"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-06-16T19:16:38.300Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-46448", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-06-17T12:17:00.108810Z"}}}], "references": [{"url": "https://bugs.launchpad.net/nova/+bug/2151252", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-17T12:17:26.768Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "OpenStack", "product": "Nova", "versions": [{"status": "affected", "version": "18.0.0", "lessThan": "31.3.1", "versionType": "semver"}, {"status": "affected", "version": "32.0.0", "lessThan": "32.2.1", "versionType": "semver"}, {"status": "affected", "version": "33.0.0", "lessThan": "33.0.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://bugs.launchpad.net/nova/+bug/2151252"}, {"url": "https://www.openwall.com/lists/oss-security/2026/06/16/5"}], "x_generator": {"engine": "enrichogram 0.0.1"}, "descriptions": [{"lang": "en", "value": "In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-669", "description": "CWE-669 Incorrect Resource Transfer Between Spheres"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "31.3.1", "versionStartIncluding": "18.0.0"}, {"criteria": "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "32.2.1", "versionStartIncluding": "32.0.0"}, {"criteria": "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "33.0.2", "versionStartIncluding": "33.0.0"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-06-16T19:06:32.026Z"}}}, "cveMetadata": {"cveId": "CVE-2026-46448", "state": "PUBLISHED", "dateUpdated": "2026-06-17T12:17:30.606Z", "dateReserved": "2026-05-14T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-06-16T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation."}], "id": "CVE-2026-46448", "lastModified": "2026-06-16T20:42:25.013", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "[email protected]", "type": "Secondary"}]}, "published": "2026-06-16T20:16:41.697", "references": [{"source": "[email protected]", "url": "https://bugs.launchpad.net/nova/+bug/2151252"}, {"source": "[email protected]", "url": "https://www.openwall.com/lists/oss-security/2026/06/16/5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2026/06/16/5"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-669"}], "source": "[email protected]", "type": "Primary"}]}

{"bugzilla": {"description": "openstack-nova: OpenStack Nova: Resource allocation issue due to unstripped hint data in server creation API", "id": "2489379", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2489379"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-1173", "details": ["In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation.", "A flaw was found in OpenStack Nova. The server creation application programming interface (API) fails to remove specific hint data, leading to instances being created without proper Placement allocation. This can result in a denial of service, as resources may not be correctly assigned or managed for the affected instances."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2026-46448", "package_state": [{"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Fix deferred", "package_name": "openstack-nova", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:17.1", "fix_state": "Fix deferred", "package_name": "openstack-nova", "product_name": "Red Hat OpenStack Platform 17.1"}, {"cpe": "cpe:/a:redhat:openstack:18.0", "fix_state": "Fix deferred", "package_name": "openstack-nova", "product_name": "Red Hat OpenStack Platform 18.0"}], "public_date": "2026-06-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-46448\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-46448\nhttp://www.openwall.com/lists/oss-security/2026/06/16/5\nhttps://bugs.launchpad.net/nova/+bug/2151252\nhttps://www.openwall.com/lists/oss-security/2026/06/16/5"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[18.0.0,31.3.1)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[32.0.0,32.2.1)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[33.0.0,33.0.2)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Nova", "source": "cna", "vendor": "OpenStack"}, "product": "nova", "vendor": "openstack"}], "created": "2026-06-16T21:00:12.473976+00:00", "title": "OpenStack Nova Create Instance API Leaves Unstripped Hint Data, Causing Missing Placement Allocation", "updated": "2026-06-17T23:00:14.705700+00:00", "vendors": ["openstack", "openstack$PRODUCT$nova"]}