Cyber Resilience

CVE-2026-48715

HighUpdated

Published: 19 June 2026

Published
19 June 2026
Modified
26 June 2026
KEV Added
Patch
CVSS Score v4 7.7 CVSS:4.0/AV:A/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0020 10.4th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-48715 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Radvd.Litech Radvd. Its CVSS base score is 7.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 10.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

radvd is a router advertisement daemon for IPv6. Prior to version 2.21, the `radvdump` utility shipped with radvd contains a stack buffer overflow in the Route Information option parser. When processing a crafted ICMPv6 Router Advertisement, `print_ff()` copies up to…

more

2032 bytes from attacker-controlled packet data into a 16-byte `struct in6_addr` on the stack, overflowing by up to 2016 bytes. Note that the main `radvd` daemon is not affected by the vulnerability. Version 2.21 patches the issue.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Stack buffer overflow in local radvdump utility enables arbitrary code execution on crafted ICMPv6 input, directly supporting local privilege escalation via exploitation.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

Affected Assets

radvd.litech
radvd
≤ 2.21

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References