{"id":82172,"date":"2026-07-18T01:47:57","date_gmt":"2026-07-17T22:17:57","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2026-56741-jline-unauthenticated-remote-dos-via-unbounded-telnet-naws-terminal-geometry\/"},"modified":"2026-07-18T01:47:57","modified_gmt":"2026-07-17T22:17:57","slug":"cve-2026-56741-jline-unauthenticated-remote-dos-via-unbounded-telnet-naws-terminal-geometry","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2026-56741-jline-unauthenticated-remote-dos-via-unbounded-telnet-naws-terminal-geometry\/","title":{"rendered":"CVE-2026-56741 &#8211; JLine: Unauthenticated Remote DoS via Unbounded Telnet NAWS Terminal Geometry"},"content":{"rendered":"<p>CVE ID :CVE-2026-56741<\/p>\n<p>  Published : July 17, 2026, 10:17 p.m. | 1\u00a0hour, 20\u00a0minutes ago<\/p>\n<p>  Description :JLine is a Java library for handling console input. Prior to 3.30.14, 4.0.16, and 4.2.1, the JLine3 Telnet server remote-telnet module does not apply an upper bound to terminal dimensions received via the Telnet NAWS option, and TelnetIO.handleNAWS() in TelnetIO.java:856-879 reads client-supplied width and height as 16-bit unsigned integers and passes values such as 65535&#215;65535 to setTerminalGeometry(), allowing an unauthenticated remote attacker to repeatedly alternate values and trigger continuous expensive rendering work that causes CPU exhaustion and denial of service. This issue is fixed in versions 3.30.14, 4.0.16, and 4.2.1.<\/p>\n<p>  Severity: 7.5 | HIGH<\/p>\n<p>  Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID :CVE-2026-56741 Published : July 17, 2026, 10:17 p.m. | 1\u00a0hour, 20\u00a0minutes ago Description :JLine is a Java library for handling console input. Prior to 3.30.14, 4.0.16, and 4.2.1, the JLine3 Telnet server remote-telnet module does not apply an upper bound to terminal dimensions received via the Telnet NAWS option, and TelnetIO.handleNAWS() in TelnetIO.java:856-879 &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-82172","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/82172","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=82172"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/82172\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=82172"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=82172"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=82172"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}