What is the CVSS score of CVE-2026-7270?

CVE-2026-7270 has a CVSS 3.1 base score of 7.8 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of FreeBSD are affected by CVE-2026-7270?

CVE-2026-7270 is a local privilege escalation vulnerability in FreeBSD kernel that allows authenticated users to gain root access, creating a critical insider threat for any organization running…

How to fix or mitigate CVE-2026-7270?

Within 24 hours: Inventory all FreeBSD systems and identify supported release branches in production. Within 7 days: Apply vendor-released patches across all FreeBSD releases (patches available per vendor advisory for all supported branches). Within 30 days: Verify successful patch deployment via version confirmation and security validation testing; implement principle of least privilege to minimize local user access pending full patching.

FreeBSD CVE-2026-7270

EUVD-2026-26353 HIGH

Operator Precedence Logic Error (CWE-783)

2026-04-30 freebsd

Buffer Overflow

7.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Updated

Apr 30, 2026 - 15:27 vuln.today

v2 (cvss_changed)

Re-analysis Queued

Apr 30, 2026 - 15:22 vuln.today

cvss_changed

CVSS changed

Apr 30, 2026 - 15:22 NVD

7.3 (HIGH) 7.8 (HIGH)

Analysis Generated

Apr 30, 2026 - 14:23 vuln.today

CVSS changed

Apr 30, 2026 - 14:22 NVD

7.3 (HIGH)

EUVD ID Assigned

Apr 30, 2026 - 07:15 euvd

EUVD-2026-26353

Analysis Generated

Apr 30, 2026 - 07:15 vuln.today

CVE Published

Apr 30, 2026 - 07:02 nvd

HIGH 7.8

DescriptionNVD

An operator precedence bug in the kernel results in a scenario where a buffer overflow causes attacker-controlled data to overwrite adjacent execve(2) argument buffers.

The bug may be exploitable by an unprivileged user to obtain superuser privileges.

AnalysisAI

Local privilege escalation in FreeBSD kernel allows authenticated users to gain root privileges through buffer overflow in execve(2) argument handling. The vulnerability stems from an operator precedence bug causing attacker-controlled data to overwrite adjacent execution argument buffers. …

RemediationAI

Within 24 hours: Inventory all FreeBSD systems and identify supported release branches in production. Within 7 days: Apply vendor-released patches across all FreeBSD releases (patches available per vendor advisory for all supported branches). …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-7270 vulnerability details – vuln.today

Back

FreeBSD CVE-2026-7270

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code