CVE-2026-25702

HIGH

SUSE Linux Enterprise Server 12 SP5 - Auth Bypass

Title source: llm

Description

A Improper Access Control vulnerability in the kernel of SUSE SUSE Linux Enterprise Server 12 SP5 breaks nftables, causing firewall rules applied via nftables to not be effective.This issue affects SUSE Linux Enterprise Server: from 9e6d9d4601768c75fdb0bad3fbbe636e748939c2 before 9c294edb7085fb91650bc12233495a8974c5ff2d.

References (1)

[Issue Tracking] https://bugzilla.suse.com/show_bug.cgi?id=CVE-2026-25702

Scores

CVSS v3 7.3

EPSS 0.0004

EPSS Percentile 10.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Classification

CWE

CWE-284

Status published

Affected Products (1)

suse/linux_enterprise_server

Timeline

Published Mar 05, 2026

Tracked Since Mar 05, 2026