CVE-2026-10805

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

6.7 / 10

Vector String

                                        CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H                                    

Vulnerability Description

A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description (MUD) URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL, provided an administrator has explicitly configured NetworkManager to use dhclient. This issue does not affect default configurations of NetworkManager.

Vulnerability Details

Published Date

June 04, 2026

Last Modified

June 04, 2026

CWE ID

CWE-78

Source

NVD

External References

https://access.redhat.com/security/cve/CVE-2026-10805
https://bugzilla.redhat.com/show_bug.cgi?id=2484613

CVE-2026-10805

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment