CVE-2026-0206

MEDIUM
Published Apr 29, 2026 Modified May 5, 2026 CWE-121

Description

A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall.

CVSS v3.1 Score

4.9
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

EPSS — Exploit Prediction

0.0019
Probability of exploitation
0.40%
Percentile rank

EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.

Weakness Type (CWE)

CWE-121 CWE-121

Affected Products

Vendor Product
sonicwall sonicos
sonicwall nsa_2650
sonicwall nsa_3600
sonicwall nsa_3650
sonicwall nsa_4600
sonicwall nsa_4650
sonicwall nsa_5600
sonicwall nsa_5650
sonicwall nsa_6600
sonicwall nsa_6650
sonicwall sm_9200
sonicwall sm_9250
sonicwall sm_9400
sonicwall sm_9450
sonicwall sm_9600
sonicwall sm_9650
sonicwall soho_250
sonicwall soho_250w
sonicwall sohow
sonicwall tz_300
sonicwall tz_300p
sonicwall tz_300w
sonicwall tz_350
sonicwall tz_350w
sonicwall tz_400
sonicwall tz_400w
sonicwall tz_500
sonicwall tz_500w
sonicwall tz_600
sonicwall tz_600p
sonicwall sonicos
sonicwall sonicos
sonicwall nsa_2700
sonicwall nsa_3700
sonicwall nsa_4700
sonicwall nsa_5700
sonicwall nsa_6700
sonicwall nssp_10700
sonicwall nssp_11700
sonicwall nssp_13700
sonicwall nssp_15700
sonicwall nsv_270
sonicwall nsv_470
sonicwall nsv_870
sonicwall tz270
sonicwall tz270w
sonicwall tz370
sonicwall tz370w
sonicwall tz470
sonicwall tz470w
sonicwall tz570
sonicwall tz570p
sonicwall tz570w
sonicwall tz670
sonicwall sonicos
sonicwall nsa_2800
sonicwall nsa_3800
sonicwall nsa_4800
sonicwall nsa_5800
sonicwall tz280
sonicwall tz280w
sonicwall tz380
sonicwall tz380w
sonicwall tz480
sonicwall tz580
sonicwall tz680
sonicwall tz80

References

Frequently Asked Questions

What is CVE-2026-0206? +
A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall. It has a CVSS v3.1 base score of 4.9 (MEDIUM).
How severe is CVE-2026-0206? +
CVE-2026-0206 has a CVSS v3.1 score of 4.9 out of 10, rated MEDIUM. This is a medium-severity vulnerability that should be remediated as part of regular maintenance. The EPSS score is 0.0019, placing it in the 0th percentile for exploitation probability.
What products are affected by CVE-2026-0206? +
CVE-2026-0206 affects products from sonicwall, specifically: nsa_2650, nsa_2700, nsa_2800, nsa_3600, nsa_3650, nsa_3700, nsa_3800, nsa_4600, nsa_4650, nsa_4700, nsa_4800, nsa_5600, nsa_5650, nsa_5700, nsa_5800, nsa_6600, nsa_6650, nsa_6700, nssp_10700, nssp_11700, nssp_13700, nssp_15700, nsv_270, nsv_470, nsv_870, sm_9200, sm_9250, sm_9400, sm_9450, sm_9600, sm_9650, soho_250, soho_250w, sohow, sonicos, tz270, tz270w, tz280, tz280w, tz370, tz370w, tz380, tz380w, tz470, tz470w, tz480, tz570, tz570p, tz570w, tz580, tz670, tz680, tz80, tz_300, tz_300p, tz_300w, tz_350, tz_350w, tz_400, tz_400w, tz_500, tz_500w, tz_600, tz_600p. Check the affected products table above for specific version ranges.
How do I check if I'm vulnerable to CVE-2026-0206? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2026-40489

editorconfig-core-c is an EditorConfig core library for use by plugins supporting EditorConfig parsing. Versions up to and including 0.12.10 have …
CVE-2025-26382

Under certain circumstances the iSTAR Configuration Utility (ICU) tool could have a buffer overflow issue
CVE-2025-1533

A stack buffer overflow has been identified in the AsIO3.sys driver. This vulnerability can be triggered by input manipulation, may …
CVE-2025-3916

CWE-121: Stack-based Buffer Overflow vulnerability exists that could cause local attackers being able to exploit these issues to potentially execute …
CVE-2025-40634

Stack-based buffer overflow vulnerability in the 'conn-indicator' binary running as root on the TP-Link Archer AX50 router, in firmware versions …
CVE-2025-49589

PCSX2 is a free and open-source PlayStation 2 (PS2) emulator. A stack-based buffer overflow exists in the Kprintf_HLE function of …

Don't wait for an exploit

Scan your website for vulnerabilities like CVE-2026-0206 — free, no signup required.

Start Free Scan