What is the CVSS score of CVE-2026-42512?

CVE-2026-42512 has a CVSS 3.1 base score of 8.1 (High). CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of FreeBSD dhclient are affected by CVE-2026-42512?

A heap buffer overflow in FreeBSD's dhclient (CVE-2026-42512, CVSS 8.1) could enable remote code execution on affected systems when processing malicious DHCP responses, requiring network proximity…

FreeBSD dhclient CVE-2026-42512

EUVD-2026-26357 HIGH

Heap-based Buffer Overflow (CWE-122)

2026-04-30 freebsd

RCE Buffer Overflow Heap Overflow

8.1

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Updated

May 01, 2026 - 16:28 vuln.today

v2 (cvss_changed)

Re-analysis Queued

May 01, 2026 - 16:22 vuln.today

cvss_changed

CVSS changed

May 01, 2026 - 16:22 NVD

7.3 (HIGH) 8.1 (HIGH)

Analysis Generated

Apr 30, 2026 - 14:24 vuln.today

CVSS changed

Apr 30, 2026 - 14:22 NVD

7.3 (HIGH)

EUVD ID Assigned

Apr 30, 2026 - 09:00 euvd

EUVD-2026-26357

Analysis Generated

Apr 30, 2026 - 09:00 vuln.today

CVE Published

Apr 30, 2026 - 07:58 nvd

HIGH 8.1

DescriptionNVD

As dhclient is building an environment to pass to dhclient-script, it may need to resize the array of string pointers. The code which expands the array incorrectly calculates its new size when requesting memory, resulting in a heap buffer overrun.

A specially crafted packet can cause dhclient to overrun its buffer of environment entries. This can result in a crash, but it may be possible to leverage this bug to achieve remote code execution.

AnalysisAI

Heap buffer overflow in FreeBSD dhclient enables potential remote code execution when processing maliciously crafted DHCP packets. Affects FreeBSD 13.5, 14.3, 14.4, and 15.0 branches prior to security patches. …

RemediationAI

Within 24 hours: Inventory all FreeBSD systems running versions 13.5, 14.3, 14.4, or 15.0 and identify those with dhclient exposed to untrusted networks. Within 7 days: Implement network segmentation to restrict DHCP traffic to trusted sources only, and consider disabling dhclient on systems where static IP configuration is feasible. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-42512 vulnerability details – vuln.today

Back

FreeBSD dhclient CVE-2026-42512

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code