What is the CVSS score of CVE-2026-35547?

CVE-2026-35547 has a CVSS 3.1 base score of 8.1 (High). CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of FreeBSD libnv are affected by CVE-2026-35547?

FreeBSD systems running versions 13.5, 14.3, 14.4, or 15.0 face a high-severity heap buffer overflow in the libnv library that enables remote unauthenticated attackers to trigger privilege escalation…

FreeBSD libnv CVE-2026-35547

EUVD-2026-26355 HIGH

Heap-based Buffer Overflow (CWE-122)

2026-04-30 freebsd

Buffer Overflow Heap Overflow

8.1

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Updated

May 01, 2026 - 16:27 vuln.today

v2 (cvss_changed)

Re-analysis Queued

May 01, 2026 - 16:22 vuln.today

cvss_changed

Severity Changed

May 01, 2026 - 16:22 NVD

CRITICAL HIGH

CVSS changed

May 01, 2026 - 16:22 NVD

9.1 (CRITICAL) 8.1 (HIGH)

Analysis Generated

Apr 30, 2026 - 14:23 vuln.today

CVSS changed

Apr 30, 2026 - 14:22 NVD

9.1 (CRITICAL)

EUVD ID Assigned

Apr 30, 2026 - 09:00 euvd

EUVD-2026-26355

Analysis Generated

Apr 30, 2026 - 09:00 vuln.today

CVE Published

Apr 30, 2026 - 08:08 nvd

HIGH 8.1

DescriptionNVD

When processing the header of an incoming message, libnv failed to properly validate the message size.

The lack of validation allows a malicious program to write outside the bounds of a heap allocation. This can trigger a crash or system panic, and it may be possible for an unprivileged user to exploit the bug to elevate their privileges.

AnalysisAI

Heap buffer overflow in FreeBSD's libnv library allows remote unauthenticated attackers to achieve privilege escalation or denial of service through maliciously crafted message headers. The vulnerability affects FreeBSD versions 13.5, 14.3, 14.4, and 15.0, with patches released in security advisory FreeBSD-SA-26:17.libnv. …

RemediationAI

Within 24 hours: Identify all FreeBSD systems running versions 13.5, 14.3, 14.4, or 15.0 and document network exposure. Within 7 days: Apply FreeBSD-SA-26:17.libnv security advisory patches immediately upon vendor release confirmation; verify patched versions via freebsd-version command. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-35547 vulnerability details – vuln.today

Back

FreeBSD libnv CVE-2026-35547

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code