Remote Code Execution Vulnerability in FreeBSD's dhclient Component
CVE-2026-42511
Currently unrated
What is CVE-2026-42511?
The vulnerability is in how FreeBSD's dhclient processes the BOOTP file field: double quotes in the field are not escaped, so a value containing them can inject arbitrary directives into the lease file. When the lease file is re-processed, for example during a system restart, the attacker-controlled directives can be executed by dhclient-script(8). A malicious DHCP server could use this to run arbitrary code with root privileges, compromising the integrity and security of the affected system.
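Escaping a server-supplied string before it is written to the lease file closes this kind of injection. The C code below is an added example, not FreeBSD's dhclient code or its patch; lease_quote and unescaped_quotes are hypothetical names, the sample value is constructed, and it assumes the lease reader treats a backslash as escaping the next character.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not dhclient's code. Serializes `val` as a quoted
 * lease-file string (assumes the reader treats '\' as escaping the next
 * char). Returns length written, or -1 on a control byte or if it won't fit. */
int lease_quote(const char *val, size_t len, char *out, size_t outsz)
{
    size_t o = 0;
    if (outsz < 3) return -1;
    out[o++] = '"';
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)val[i];
        int esc = (c == '"' || c == '\\');
        if (c < 0x20 || c == 0x7f)
            return -1;              /* NUL, newline, other control bytes */
        if (o + (esc ? 2 : 1) + 2 > outsz)
            return -1;              /* keep room for closing quote and NUL */
        if (esc)
            out[o++] = '\\';
        out[o++] = (char)c;
    }
    out[o++] = '"';
    out[o] = '\0';
    return (int)o;
}

/* Counts quotes that would terminate a string when read back. A correctly
 * serialized value has exactly two: the opening and the closing quote. */
int unescaped_quotes(const char *s)
{
    int n = 0;
    for (; *s; s++) {
        if (*s == '\\' && s[1] != '\0')
            s++;                    /* skip the escaped character */
        else if (*s == '"')
            n++;
    }
    return n;
}

int main(void)
{
    const char field[] = "boot\"img\\x";   /* constructed sample value */
    char buf[64];
    if (lease_quote(field, strlen(field), buf, sizeof(buf)) > 0)
        printf("%s (%d unescaped quotes)\n", buf, unescaped_quotes(buf));
    return 0;
}
```

A value that lease_quote rejects should be dropped rather than written, and unescaped_quotes can be run over an already serialized string as a sanity check.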
Affected Version(s)
FreeBSD 15.0-RELEASE
FreeBSD 14.4-RELEASE
FreeBSD 14.3-RELEASE
