cvedb.io
CVE-2026-45254
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2026-05-21T10:16:26.380 · Last modified 2026-06-17T10:51:50.500

Summary

In the case of the cap_net service, when a key present in the old limit was omitted from the new limit, the missing key was treated as "allow any" instead of being rejected. In certain scenarios, an application that had previously restricted a subset of network operations could ask for a new limit that extended the permissions of the process.

Affected products

freebsd — freebsd

Does this affect you?

Add your gear to cvedb and we'll alert you only when freebsd ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.