alt Hacker NewsIPv6 itself seems to provide a larger attack surface based on IPv6-specific CVEs. I don’t know if it’s the added complexity or that it’s treated as a second class citizen by devs, but I still see a solid number of these coming across the CVE feed.
This one was particularly scary: https://malwaretech.com/2024/08/exploiting-CVE-2024-38063.ht...
When something happens over IPv4 people treat it like "the Internet has malicious actors, water is wet", but when it happens over IPv6 it must be IPv6's fault.
Sigh...