Vulnerabilities in FreeBSD

120 results
Vexday analysis

FreeBSD has 111 catalogued CVEs, with an active-exploitation rate below the catalogue's overall average (no entry is recorded in CISA KEV), which suggests a relatively contained operational risk profile at present. Even so, seven critical-severity vulnerabilities and five with a public proof of concept represent concrete attack surfaces that require priority attention. The most common weakness is CWE-787 (out-of-bounds write), and the CVE with the highest EPSS score is CVE-2018-17157, at 0.2417, indicating a non-trivial probability of exploitation despite the flaw's age. The appearance of 16 new CVEs in the last 90 days reinforces the need for continuous monitoring and prompt patching.

CVE-2018-6925 | In FreeBSD before 11.2-STABLE(r338986), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338985), and 10.4-RELEASE-p13, due to improper maint | EPSS 0.3%
CVE-2026-35547 | HIGH | Heap overflow in libnv | EPSS 0.3%
CVE-2024-51563 | MEDIUM | bhyve(8) virtio_vq_recordon time-of-check to time-of-use race | EPSS 0.3%
CVE-2026-45255 | HIGH | Remote code execution via installer Wi-Fi access point scans | EPSS 0.3%
CVE-2024-45288 | HIGH | Multiple vulnerabilities in libnv | EPSS 0.3%
CVE-2025-0374 | MEDIUM | Unprivileged access to system files | EPSS 0.3%
CVE-2026-45252 | MEDIUM | Heap overflow in FUSE_LISTXATTR | EPSS 0.3%
CVE-2024-45289 | HIGH | Unbounded allocation in ctl(4) CAM Target Layer | EPSS 0.3%
CVE-2026-4748 | HIGH | pf silently ignores certain rules | EPSS 0.3%
CVE-2024-41928 | HIGH | bhyve(8) privileged guest escape via TPM device passthrough | EPSS 0.2%
CVE-2022-23084 | HIGH | Potential jail escape vulnerabilities in netmap | EPSS 0.2%
CVE-2022-23090 | HIGH | AIO credential reference count leak | EPSS 0.2%
CVE-2023-3494 | bhyve privileged guest escape via fwctl | EPSS 0.2%
CVE-2024-32668 | HIGH | bhyve(8) privileged guest escape via USB controller | EPSS 0.2%
CVE-2022-23087 | HIGH | Bhyve e82545 device emulation out-of-bounds write | EPSS 0.2%
CVE-2025-24934 | MEDIUM | SO_REUSEPORT_LB breaks connect(2) for UDP sockets | EPSS 0.2%
CVE-2026-45253 | HIGH | Missing validation in ptrace(PT_SC_REMOTE) | EPSS 0.2%
CVE-2026-45254 | MEDIUM | Incorrect libcap_net limitation list manipulation | EPSS 0.2%
CVE-2023-5370 | arm64 boot CPUs may lack speculative execution protections | EPSS 0.2%
CVE-2026-45258 | Multiple vulnerabilities in the sound(4) mmap path | EPSS 0.2%