What is the CVSS score of CVE-2026-43958?

CVE-2026-43958 has a CVSS 3.1 base score of 7.8 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of rrdcached are affected by CVE-2026-43958?

A vulnerability in rrdcached, the data graphing daemon used across Red Hat Enterprise Linux 6-10, allows local users to crash the monitoring service or gain unauthorized code execution capabilities,…. A patch is available.

rrdcached CVE-2026-43958

EUVD-2026-33726 HIGH

Stack-based Buffer Overflow (CWE-121)

2026-06-01 redhat

GHSA-pgh2-hfvj-4q69

RCE Buffer Overflow Denial Of Service Stack Overflow Red Hat Suse

7.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Jun 01, 2026 - 19:23 vuln.today

CVE Published

Jun 01, 2026 - 17:34 nvd

HIGH 7.8

DescriptionNVD

A flaw was found in rrdcached, a component of rrdtool. A local attacker with access to a rrdcached socket can exploit a stack-based buffer overflow by sending an oversized CREATE request. This vulnerability can lead to a denial of service by crashing the daemon or potentially allow for arbitrary code execution, impacting the integrity and confidentiality of data.

AnalysisAI

Stack-based buffer overflow in rrdcached (the caching daemon for rrdtool) allows a local attacker with socket access to crash the daemon or potentially execute arbitrary code by sending an oversized CREATE request. The flaw is tracked under CWE-121 with a CVSS 3.1 base score of 7.8 (AV:L/AC:L/PR:L), reported by Red Hat against RHEL 6 through 10, and there is no public exploit identified at time of analysis.

RemediationAI

Within 24 hours: Identify all systems running rrdcached (focus on RHEL 6, 7, 8, 9, 10), document current socket file permissions and local user accounts with access, and review audit logs for suspicious local access attempts. Within 7 days: Implement file-level access controls (restrict socket to authorized users only), enforce SELinux policies limiting rrdcached privileges, enable monitoring of rrdcached process behavior and logs, and restrict local system access to trusted administrators. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

More from same product – last 7 days

CVE-2026-5241 CRITICAL Act Now

9.6 Jun 03

Remote code execution in Hugging Face Transformers 5.2.0 allows a malicious model repository to bypass the user's explic

CVE-2026-1784 HIGH This Week

8.8 Jun 02

HAProxy configuration injection in Red Hat OpenShift Container Platform 4 allows a low-privileged tenant with permission

CVE-2026-5422 HIGH This Week

8.1 Jun 02

Path traversal in Jupyter Server 2.17.0 allows authenticated users to read and write files in sibling directories outsid

CVE-2026-8796 HIGH This Week

8.1 May 31

Heap out-of-bounds read in Sereal::Decoder for Perl before version 5.005 allows remote attackers to leak up to 31 bytes

CVE-2026-10118 HIGH This Week

7.8 Jun 01

Local code execution in Poppler's Splash rendering backend allows attackers to compromise applications that open attacke

Vendor StatusVendor

CVE-2026-43958 vulnerability details – vuln.today

Back

rrdcached CVE-2026-43958

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

More from same product – last 7 days

Vendor StatusVendor

Share

External POC / Exploit Code