Buffer Overflow Vulnerability in FreeBSD Kernel Affecting Unprivileged Users
CVE-2026-7270

Currently unrated

Key Information:

Vendor: FreeBSD

Status
Vendor
CVE Published: 30 April 2026

What is CVE-2026-7270?

A vulnerability exists in the FreeBSD kernel due to an operator precedence issue, which can lead to a buffer overflow. This flaw allows attacker-controlled data to overwrite adjacent argument buffers used in execve(2) calls. An unprivileged user could potentially exploit this vulnerability to escalate their privileges to superuser level, thereby compromising the system's security and integrity.

Affected Version(s)

FreeBSD 15.0-RELEASE

FreeBSD 14.4-RELEASE

FreeBSD 14.3-RELEASE

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Ryan Austin of Calif.io