CVE-2026-53183

HIGHPre-NVD 7.57.5
EchelonGraph scoreHIGH confidence

Score 7.5 from GitHub Security Advisory (severity: HIGH) published 2026-06-25. a secondary CVSS source baseline 7.5; sources differ by 0.0.

Triggered by: GitHub Security Advisory CVSS
Sources: epss, ghsa, secondary
Trending — 4 sources updated this week
7.5
EchelonGraph verdictPlan a fixSerious severity, but no confirmed exploitation yet.
  • High severity, but no confirmed exploitation yet
CISA-KEV: Not listedEPSS: 1%CVSS: 7.5Exploit: NoneExposed: 0

No vendor fix yet — apply a workaround or compensating control (WAF / firewall / segmentation) and watch for a patch.

In the Linux kernel, the following vulnerability has been resolved:

mptcp: allow subflow rcv wnd to shrink

In MPTCP connection, the window field in the TCP header refers to the MPTCP-level rcv_nxt and it's right edge should not move backward. Such constraint is enforced at DSS option generation time.

At the same time, the TCP stack ensures independently that the TCP-level rcv wnd right's edge does not move backward. That in turn causes artificial inflating of the MPTCP rcv window when the incoming data is acked at the TCP level and is OoO in the MPTCP sequence space (or lands in the backlog).

As a consequence, the incoming traffic can exceed the receiver rcvbuf size even when the sender is not misbehaving.

Prevent such scenario forcibly allowing the TCP subflow to shrink the TCP-level rcv wnd regardless of the current netns setting.

CVSS v3
7.5
EG Score
7.5(high)
EPSS
39.6%
KEV
Not listed

Published

June 25, 2026

Last Modified

July 6, 2026

Advisory Details (6)

Auto-updated Jun 28, 2026
No patch confirmed yet.
generic

mptcp: allow subflow rcv wnd to shrink - kernel/git/stable/linux.git - Linux kernel stable tree

https://git.kernel.org/stable/c/da23be77e1292cd611e736c3aa17da633d7ddce7
generic

mptcp: allow subflow rcv wnd to shrink - kernel/git/stable/linux.git - Linux kernel stable tree

https://git.kernel.org/stable/c/c297a4e65c50a2b807d9309b22615080faffa8f3
generic

mptcp: allow subflow rcv wnd to shrink - kernel/git/stable/linux.git - Linux kernel stable tree

https://git.kernel.org/stable/c/bf364b0f10b27679140699821f88af7f01e2a6e3
generic

mptcp: allow subflow rcv wnd to shrink - kernel/git/stable/linux.git - Linux kernel stable tree

https://git.kernel.org/stable/c/b1fd13074f22105deec45aa02283e322733e0c2d
generic

mptcp: allow subflow rcv wnd to shrink - kernel/git/stable/linux.git - Linux kernel stable tree

https://git.kernel.org/stable/c/aa3861f40ac32706d9e97bfac76984613e278788
generic

mptcp: allow subflow rcv wnd to shrink - kernel/git/stable/linux.git - Linux kernel stable tree

https://git.kernel.org/stable/c/653245266913f03fcf21cbca68eed5c197a33e52

Vendor Advisories for CVE-2026-53183(2)

These vendors published their own advisory mentioning this CVE — often with vendor-specific remediation steps + affected product lists not in NVD.

Data Freshness Timeline

(refreshed 52× in last 7d / 74× in last 30d)

Each row is a source pipeline that fetched or updated this CVE on that date, with what changed. For example, "NVD update" means NVD published or revised its analysis for this CVE; "MITRE cvelistV5" means we ingested or refreshed it from the CNA feed. Most recent first.

  1. 2026-07-07 03:27 UTCEG score recompute
  2. 2026-07-07 03:27 UTCVendor advisory
  3. 2026-07-07 03:27 UTCGHSA enrichment
  4. 2026-07-06 16:27 UTCEPSS rescore
  5. 2026-07-06 16:27 UTCEPSS rescore
  6. 2026-07-06 15:08 UTCEG score recompute
  7. 2026-07-06 15:08 UTCVendor advisory
  8. 2026-07-06 15:07 UTCGHSA enrichment
  9. 2026-07-06 02:34 UTCEG score recompute
  10. 2026-07-06 02:34 UTCVendor advisory
  11. 2026-07-06 02:34 UTCGHSA enrichment
  12. 2026-07-06 02:23 UTCEPSS rescore
  13. 2026-07-06 02:23 UTCEPSS rescore
  14. 2026-07-05 14:13 UTCEG score recompute
  15. 2026-07-05 14:13 UTCVendor advisory
  16. 2026-07-05 14:13 UTCGHSA enrichment
  17. 2026-07-05 02:31 UTCEPSS rescore
  18. 2026-07-05 02:30 UTCEPSS rescore
  19. 2026-07-05 01:53 UTCEG score recompute
  20. 2026-07-05 01:53 UTCVendor advisory
  21. 2026-07-05 01:53 UTCGHSA enrichment
  22. 2026-07-04 13:27 UTCEG score recompute
  23. 2026-07-04 13:27 UTCVendor advisory
  24. 2026-07-04 13:27 UTCGHSA enrichment
  25. 2026-07-04 06:31 UTCEPSS rescore
Show 49 more
  1. 2026-07-04 06:31 UTCEPSS rescore
  2. 2026-07-04 01:08 UTCEG score recompute
  3. 2026-07-04 01:08 UTCVendor advisory
  4. 2026-07-04 01:07 UTCGHSA enrichment
  5. 2026-07-03 12:46 UTCEG score recompute
  6. 2026-07-03 12:46 UTCVendor advisory
  7. 2026-07-03 12:46 UTCGHSA enrichment
  8. 2026-07-02 23:40 UTCEG score recompute
  9. 2026-07-02 23:40 UTCVendor advisory
  10. 2026-07-02 23:40 UTCGHSA enrichment
  11. 2026-07-02 11:21 UTCEG score recompute
  12. 2026-07-02 11:21 UTCVendor advisory
  13. 2026-07-02 11:20 UTCGHSA enrichment
  14. 2026-07-01 23:01 UTCEG score recompute
  15. 2026-07-01 23:01 UTCVendor advisory
  16. 2026-07-01 23:01 UTCGHSA enrichment
  17. 2026-07-01 15:07 UTCEPSS rescore
  18. 2026-07-01 10:42 UTCEG score recompute
  19. 2026-07-01 10:42 UTCVendor advisory
  20. 2026-07-01 10:42 UTCGHSA enrichment
  21. 2026-06-30 23:22 UTCEPSS rescore
  22. 2026-06-30 22:23 UTCEG score recompute
  23. 2026-06-30 22:23 UTCVendor advisory
  24. 2026-06-30 22:23 UTCGHSA enrichment
  25. 2026-06-30 10:03 UTCEG score recompute
  26. 2026-06-30 10:03 UTCVendor advisory
  27. 2026-06-30 10:03 UTCGHSA enrichment
  28. 2026-06-29 21:43 UTCEG score recompute
  29. 2026-06-29 21:43 UTCVendor advisory
  30. 2026-06-29 21:43 UTCGHSA enrichment
  31. 2026-06-29 14:06 UTCEPSS rescore
  32. 2026-06-29 14:06 UTCEPSS rescore
  33. 2026-06-29 09:24 UTCEG score recompute
  34. 2026-06-29 09:24 UTCVendor advisory
  35. 2026-06-29 09:24 UTCGHSA enrichment
  36. 2026-06-28 21:05 UTCEG score recompute
  37. 2026-06-28 21:05 UTCVendor advisory
  38. 2026-06-28 21:05 UTCGHSA enrichment
  39. 2026-06-28 14:07 UTCEPSS rescore
  40. 2026-06-28 08:46 UTCEG score recompute 7.50
  41. 2026-06-28 08:46 UTCVendor advisory
  42. 2026-06-28 08:45 UTCGHSA enrichment
  43. 2026-06-28 07:52 UTCMITRE cvelistV5CVSS v3 → 7.5 · severity → HIGH
  44. 2026-06-28 04:56 UTCEPSS rescore
  45. 2026-06-28 04:56 UTCEPSS rescore
  46. 2026-06-27 03:08 UTCEPSS rescore
  47. 2026-06-25 13:49 UTCEPSS rescore
  48. 2026-06-25 10:07 UTCEG score recompute
  49. 2026-06-25 10:07 UTCGHSA enrichment

Frequently asked(5)

What is CVE-2026-53183?
CVE-2026-53183 is a high vulnerability published on June 25, 2026. In the Linux kernel, the following vulnerability has been resolved: mptcp: allow subflow rcv wnd to shrink In MPTCP connection, the window field in the TCP header refers to the MPTCP-level rcv_nxt and it's right edge should not move backward. Such constraint is enforced at DSS option generation…
When was CVE-2026-53183 disclosed?
CVE-2026-53183 was first published in the National Vulnerability Database on June 25, 2026, with the most recent update on July 6, 2026. EchelonGraph re-ingests CVE updates from NVD on a 2-hour cycle, so this page reflects the latest published state.
Is CVE-2026-53183 actively exploited?
CVE-2026-53183 is not currently on CISA's Known Exploited Vulnerabilities catalog. FIRST EPSS estimates a 39.6% percentile likelihood of exploitation in the next 30 days — higher percentiles indicate greater predicted risk.
What is the CVSS score of CVE-2026-53183?
CVE-2026-53183 has a CVSS v3 base score of 7.5 (NVD).
How do I remediate CVE-2026-53183?
Patch to the fixed version published by the affected vendor. Where vendor advisories exist for CVE-2026-53183, EchelonGraph cross-links them in the Vendor Advisories panel below — those typically contain the canonical remediation steps, fixed version numbers, and any vendor-specific mitigations.

Dependency Blast Radius

Explore the affected products and dependency analysis for CVE-2026-53183

Explore →

Is Your Infrastructure Affected by CVE-2026-53183?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.