CVE-2026-2379
Published: 05 June 2026
Summary
CVE-2026-2379 is a high-severity Operation on a Resource after Expiration or Release (CWE-672) vulnerability in Arista EOS (inferred from references). Its CVSS base score is 8.2 (High).
Operationally, ranked at the 13.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-34875
Vulnerability details
On affected platforms with hardware IPSec support running Arista EOS with certain IPsec features enabled, EOS may exhibit unexpected behavior in specific cases. Physical interface flaps and certain agent restarts can cause IPsec tunnel re-establishment with existing Security Associations, resulting…
more
in sequence number mismatches between tunnel endpoints potentially causing unstable communication.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.