CVE-2026-40225

CVSS Score & Metrics

Base Score

6.4 / 10

Vector String

                                        CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H                                    

In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.

Published Date

April 10, 2026

Last Modified

April 13, 2026

CWE ID

CWE-669

Source

NVD

Vendor

systemd

Product

systemd