Critical Denial of Service Vulnerabilities in Fedora Erlang Packages Addressed

Multiple critical vulnerabilities were disclosed on June 8, 2026 in Fedora's Erlang packages (erlang-gun 2.4.0/2.4.1 and erlang-cowboy 2.16.0/2.16.1). CVE-2026-43972 permits cross-origin cookie injection enabling session fixation and potential account takeover, while CVE-2026-43973 and CVE-2026-43974 are Denial of Service issues; Fedora 43 and 44 users are urged to apply updates via dnf immediately.