Shodan
Vulnerabilities
Vulnerable Software
Openbsd:  >> Openbsd  >> 2.0  Security Vulnerabilities
CVE-2026-41285
In OpenBSD through 7.8, the slaacd and rad daemons have an infinite loop when they receive a crafted ICMPv6 Neighbor Discovery (ND) option (over a local network) with length zero, because of an "nd_opt_len * 8 - 2" expression with no preceding check for whether nd_opt_len is zero.
CVSS Score
4.3
EPSS Score
0.0
Published
2026-04-21
CVE-2025-30334
In OpenBSD 7.6 before errata 006 and OpenBSD 7.5 before errata 015, traffic sent over wg(4) could result in kernel crash.
CVSS Score
7.1
EPSS Score
0.002
Published
2025-03-20
CVE-2024-11149
In OpenBSD 7.4 before errata 014, vmm(4) did not restore GDTR limits properly on Intel (VMX) CPUs.
CVSS Score
6.2
EPSS Score
0.001
Published
2024-12-06
CVE-2024-10933
In OpenBSD 7.5 before errata 009 and OpenBSD 7.4 before errata 022, exclude any '/' in readdir name validation to avoid unexpected directory traversal on untrusted file systems.
CVSS Score
4.1
EPSS Score
0.001
Published
2024-12-05
CVE-2024-11148
In OpenBSD 7.4 before errata 006 and OpenBSD 7.3 before errata 020, httpd(8) is vulnerable to a NULL dereference when handling a malformed fastcgi request.
CVSS Score
8.7
EPSS Score
0.002
Published
2024-12-05
CVE-2024-10934
In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS client and server implementation, do not use uninitialized variable in error handling of NFS server.
CVSS Score
9.2
EPSS Score
0.003
Published
2024-11-15
CVE-2024-29937
NFS in a BSD derived codebase, as used in OpenBSD through 7.4 and FreeBSD through 14.0-RELEASE, allows remote attackers to execute arbitrary code via a bug that is unrelated to memory corruption.
CVSS Score
9.8
EPSS Score
0.044
Published
2024-04-11
CVE-2023-52556
In OpenBSD 7.4 before errata 009, a race condition between pf(4)'s processing of packets and expiration of packet states may cause a kernel panic.
CVSS Score
6.2
EPSS Score
0.0
Published
2024-03-01
CVE-2023-52557
In OpenBSD 7.3 before errata 016, npppd(8) could crash by a l2tp message which has an AVP (Attribute-Value Pair) with wrong length.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-03-01
CVE-2023-52558
In OpenBSD 7.4 before errata 002 and OpenBSD 7.3 before errata 019, a network buffer that had to be split at certain length that could crash the kernel after receiving specially crafted escape sequences.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-03-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved