openbsd

334 tracked vulnerabilities.

CVE-2026-41285 MEDIUM
OpenBSD < 7.8 - Denial of Service via Zero-Length ICMPv6 ND Option
Apr 21, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-35414 MEDIUM
OpenSSH < 10.3 - Always-Incorrect Control Flow Implementation in Authorized Keys Principals Handling
Apr 02, 2026
CVSS 4.2
EPSS 0.00
CVE-2026-35388 LOW
OpenSSH < 10.3 - Unprotected Alternate Channel via Proxy-Mode Multiplexing
Apr 02, 2026
CVSS 2.5
EPSS 0.00
CVE-2026-35387 LOW
OpenSSH <10.3 - ECDSA Algorithm Misinterpretation
Apr 02, 2026
CVSS 3.1
EPSS 0.00
CVE-2026-35386 LOW
OpenSSH < 10.3 - Command Injection via Shell Metacharacters in Username
Apr 02, 2026
CVSS 3.6
EPSS 0.00
CVE-2026-35385 HIGH
OpenSSH <10.3 - Privilege Escalation
Apr 02, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-61985 LOW
OpenSSH < 10.1 - Remote Code Execution via Null Byte in ssh:// URI
Oct 06, 2025
CVSS 3.6
EPSS 0.00
CVE-2025-61984 LOW
OpenSSH < 10.1 - Remote Code Execution via Control Characters in Username
Oct 06, 2025
CVSS 3.6
EPSS 0.00
CVE-2025-32728 MEDIUM
OpenSSH <10.0 - Privilege Escalation
Apr 10, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-30334 MEDIUM
OpenBSD < 7.5 - Denial of Service via wg(4) Traffic Handling
Mar 20, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-26466 MEDIUM
OpenSSH - Denial of Service via Ping Packet Memory Exhaustion
Feb 28, 2025
CVSS 5.9
EPSS 0.62
CVE-2025-26465 MEDIUM
OpenSSH 6.9-9.7 - Machine-in-the-Middle Attack via VerifyHostKeyDNS Error Handling
Feb 18, 2025
CVSS 6.8
EPSS 0.65
CVE-2024-11149 HIGH
OpenBSD < 7.4 - Denial of Service via vmm(4) GDTR Limits Restoration
Dec 06, 2024
CVSS 7.9
EPSS 0.00
CVE-2024-11148 HIGH
OpenBSD < 7.3 - NULL Pointer Dereference in httpd FastCGI Request Handling
Dec 05, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-10933 MEDIUM
OpenBSD < 7.4 - Path Traversal via Untrusted File System readdir
Dec 05, 2024
CVSS 5.0
EPSS 0.00
CVE-2024-10934 CRITICAL
OpenBSD < 7.4 - Double Free in NFS Client and Server Implementation
Nov 15, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-6387 HIGH
OpenSSH - DoS
Jul 01, 2024
CVSS 8.1
EPSS 0.63
CVE-2024-29937 CRITICAL
OpenBSD and FreeBSD NFS - Remote Code Execution
Apr 11, 2024
CVSS 9.8
EPSS 0.04
CVE-2023-52558 HIGH
OpenBSD < 7.3 - Denial of Service via Network Buffer Split Handling
Mar 01, 2024
CVSS 7.5
EPSS 0.00
CVE-2023-52557 HIGH
OpenBSD < 7.3 - Denial of Service via L2TP AVP Length Mismatch
Mar 01, 2024
CVSS 7.5
EPSS 0.00
CVE-2023-52556 MEDIUM
OpenBSD < 7.4 - Denial of Service via pf(4) State Expiration Race Condition
Mar 01, 2024
CVSS 6.2
EPSS 0.00
CVE-2023-51767 HIGH
OpenSSH through 10.0 - Authentication Bypass via Row Hammer Bit Flip
Dec 24, 2023
CVSS 7.0
EPSS 0.00
CVE-2023-51385 MEDIUM
OpenSSH < 9.6 - OS Command Injection via Shell Metacharacters in Username or Hostname
Dec 18, 2023
CVSS 6.5
EPSS 0.17
CVE-2023-51384 MEDIUM
OpenSSH <9.6 - Privilege Escalation
Dec 18, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-48795 MEDIUM NUCLEI
OpenSSH <9.6 - Open Redirect
Dec 18, 2023
CVSS 5.9
EPSS 0.53
Products
openbsd 198 openssh 122 libressl 12 OpenSSH 7 opensmtpd 3 OpenBSD 1 ftpd 1 textproc\/isearch 1
Quick Filters
Critical CVEs With Exploits In CISA KEV