What is the CVSS score of CVE-2026-46300?

CVE-2026-46300 has a CVSS 3.1 base score of 7.8 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of Linux Kernel are affected by CVE-2026-46300?

CVE-2026-46300 is a local privilege escalation vulnerability in the Linux kernel XFRM ESP-in-TCP subsystem that allows authenticated local users to overwrite kernel memory and potentially gain…. A patch is available.

Is there a public PoC exploit available for CVE-2026-46300?

Yes, a public proof-of-concept exploit is available for CVE-2026-46300. Prioritise patching immediately. EPSS: 0.0%.

Linux Kernel CVE-2026-46300

EUVD-2026-31535 HIGH

Write-what-where Condition (CWE-123)

2026-05-13 secalert@redhat.com

GHSA-47jg-vqrv-5f8v

Privilege Escalation Linux

7.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

May 14, 2026 - 16:40 vuln.today

CVE Published

May 13, 2026 - 12:00 nvd

HIGH 7.8

DescriptionNVD

A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. This vulnerability, known as Fragnesia, allows a local attacker to achieve arbitrary byte writes into the kernel page cache of read-only files, enabling local privilege escalation through kernel structure overwriting.

AnalysisAI

Local privilege escalation in Linux kernel XFRM ESP-in-TCP subsystem (Fragnesia vulnerability) allows authenticated local attackers to overwrite kernel memory structures by exploiting arbitrary byte writes into the kernel page cache of read-only files. CVSS score of 7.8 reflects high impact across confidentiality, integrity, and availability. …

RemediationAI

Within 24 hours: Identify all Linux systems running XFRM-enabled kernels (check: cat /boot/config-* | grep CONFIG_XFRM) and document current kernel versions. Within 7 days: Implement access controls restricting local user privileges where operationally feasible; prioritize systems handling sensitive data or critical functions. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

More from same product – last 7 days

CVE-2026-47335 MEDIUM This Month

5.5 May 28

Kernel panic via NULL pointer dereference in Ubuntu Linux 6.8's AppArmor notification handler allows a locally authentic

CVE-2026-47337 LOW Monitor

3.3 May 28

NULL pointer dereference in Ubuntu Linux kernel SAUCE patches (versions 6.8, 6.17, and 7.0) allows an unprivileged local

CVE-2026-45844 Monitor

May 27

In the Linux kernel, the following vulnerability has been resolved: netfilter: arp_tables: fix IEEE1394 ARP payload par

CVE-2026-45837 Monitor

May 27

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in arena_vm_close on fork

CVE-2026-45838 Monitor

May 27

In the Linux kernel, the following vulnerability has been resolved: bpf: fix end-of-list detection in cgroup_storage_ge

Vendor StatusVendor

CVE-2026-46300 vulnerability details – vuln.today

Back

Linux Kernel CVE-2026-46300

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

More from same product – last 7 days

Vendor StatusVendor

Share

External POC / Exploit Code