HCE2-SA-2026-0022 Important HCE 2.0 Security Fix(es): Stack-based Buffer Overflow in lws_adns_parse_label in warmcat libwebsockets allows, when the LWS_WITH_SYS_ASYNC_DNS flag is enabled during compilation, to overflow the label_stack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id containing a label longer than the maximum. (CVE-2025-11678) A vulnerability, which was classified as critical, was found in warmcat libwebsockets up to 4.3.6/4.4.2. This affects the function lws_handshake_server. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product. (CVE-2025-11677) HCE 2.0 libwebsockets-4.3.0-2.r9.hce2.x86_64.rpm libwebsockets-devel-4.3.0-2.r9.hce2.x86_64.rpm libwebsockets-help-4.3.0-2.r9.hce2.noarch.rpm libwebsockets-4.3.0-2.r9.hce2.aarch64.rpm libwebsockets-devel-4.3.0-2.r9.hce2.aarch64.rpm