Cyber Resilience

CVE-2026-7270

High

Published: 30 April 2026

Published
30 April 2026
Modified
10 May 2026
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0001 0.7th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-7270 is a high-severity Operator Precedence Logic Error (CWE-783) vulnerability in Freebsd Freebsd. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 0.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2026-7270 is an operator precedence bug (CWE-783) in the FreeBSD kernel that triggers a buffer overflow, enabling attacker-controlled data to overwrite adjacent execve(2) argument buffers. This vulnerability affects FreeBSD systems, with the issue published on 2026-04-30 and assigned a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

The vulnerability is exploitable by an unprivileged local user requiring low privileges (PR:L) and low attack complexity (AC:L), with no user interaction needed. Successful exploitation allows the attacker to achieve superuser privileges, granting high impacts on confidentiality, integrity, and availability.

The FreeBSD security advisory SA-26:13.exec, available at https://security.freebsd.org/advisories/FreeBSD-SA-26:13.exec.asc, provides details on mitigation measures and patches.

EU & UK References

Vulnerability details

An operator precedence bug in the kernel results in a scenario where a buffer overflow causes attacker-controlled data to overwrite adjacent execve(2) argument buffers. The bug may be exploitable by an unprivileged user to obtain superuser privileges.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Local kernel buffer overflow in execve(2) argument handling directly enables privilege escalation from unprivileged user to root on FreeBSD.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-45250Same product: Freebsd Freebsd
CVE-2026-45253Same product: Freebsd Freebsd
CVE-2026-45251Same product: Freebsd Freebsd
CVE-2026-39457Same product: Freebsd Freebsd
CVE-2026-5398Same product: Freebsd Freebsd
CVE-2026-6386Same product: Freebsd Freebsd
CVE-2026-39461Same product: Freebsd Freebsd
CVE-2025-15576Same product: Freebsd Freebsd
CVE-2026-3038Same product: Freebsd Freebsd
CVE-2025-15547Same product: Freebsd Freebsd

Affected Assets

freebsd
freebsd
13.5, 14.3, 14.4, 15.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly remediates the kernel operator precedence bug causing buffer overflow by requiring timely installation of patches from FreeBSD-SA-26:13.exec.

prevent

Deploys memory protection mechanisms like ASLR, stack canaries, and NX bits to block exploitation of the buffer overflow for privilege escalation.

prevent

Mandates validation of execve argument buffer inputs to restrict attacker-controlled data from triggering the overflow in kernel processing.

References