CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-7164

Incorrect packet validation allowed unbounded recursion parsing SCTP chunk parameters. This can eventually result in a stack overflow and panic. Remote attackers can craft packets which cause affected systems to panic. This affects any system where pf is configured to process traffic, independent of the configured ruleset.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.2%

CVSS Severity

CVSS v3 Score 7.5

References

https://security.freebsd.org/advisories/FreeBSD-SA-26:14.pf.asc

Products affected by CVE-2026-7164

Freebsd » Freebsd » Version: 13.5

cpe:2.3:o:freebsd:freebsd:13.5
Freebsd » Freebsd » Version: 14.3

cpe:2.3:o:freebsd:freebsd:14.3
Freebsd » Freebsd » Version: 14.4

cpe:2.3:o:freebsd:freebsd:14.4
Freebsd » Freebsd » Version: 15.0

cpe:2.3:o:freebsd:freebsd:15.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-7164

Products

Pricing

Contact Us