Skip to main content

Mikrotik

Vendor security scorecard – 1 CVEs in the selected period

Period: 30d 90d 6m 1y All
Risk 4
1
CVEs
0
Critical
1
High
0
KEV
0
PoC
1
Unpatched C/H
0.0%
Patch Rate
0.2%
Avg EPSS

Severity Breakdown

CRITICAL
0
HIGH
1
MEDIUM
0
LOW
0

Monthly CVE Trend

Top Risky CVEs

CVE Summary Severity CVSS EPSS Priority Signals
CVE-2026-39042 Denial of service in MikroTik RouterOS 7.21.x (before 7.21.4) and 7.22.x (before 7.22.2) allows a remote unauthenticated attacker to crash the core inter-process communication layer by triggering an integer overflow in the unflatten() function of the bundled libumsg.so library. Successfully exploiting it disrupts device availability without touching data confidentiality or integrity. There is no public exploit identified at time of analysis, though a third-party research blog documents the underlying integer overflow; EPSS is low at 0.20% (10th percentile). HIGH 7.5 0.2% 38
No patch

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy