CVE-2026-7270
HIGHDescription
An operator precedence bug in the kernel results in a scenario where a buffer overflow causes attacker-controlled data to overwrite adjacent execve(2) argument buffers. The bug may be exploitable by an unprivileged user to obtain superuser privileges.
Is your site exposed to CVE-2026-7270?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
| freebsd | freebsd |
References
Frequently Asked Questions
What is CVE-2026-7270? +
How severe is CVE-2026-7270? +
What products are affected by CVE-2026-7270? +
How do I check if I'm vulnerable to CVE-2026-7270? +
Related Vulnerabilities
Zincati is an auto-update agent for Fedora CoreOS hosts. Zincati ships a polkit rule which allows the `zincati` system user …
A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access (SD-Access) fabric edge nodes could …
A vulnerability in the IPv4 Software-Defined Access (SD-Access) fabric edge node feature of Cisco IOS XE Software could allow an …
In DevmemIntChangeSparse2 of devicemem_server.c, there is a possible arbitrary code execution due to a logic error in the code. This …
In multiple locations, there is a possible way in which policy migration code will never be executed due to a …
In com_android_internal_os_ZygoteCommandBuffer_nativeForkRepeatedly of com_android_internal_os_ZygoteCommandBuffer.cpp, there is a possible method to perform arbitrary code execution in any app zygote processes due …