CVE-2026-44597: Tor before 0.4.9.7 has an out-of-bounds read when an END, a TRUNCATE, ...

Severity: Critical

CVSS Score: 9.1

Tor before 0.4.9.7 has an out-of-bounds read when an END, a TRUNCATE, or a TRUNCATED cell lacks a reason in its payload, aka TROVE-2026-011.