CVE-2026-25702CRITICAL 9.8EPSS p10.3%

CVE-2026-25702CVE-2026-25702

Description

A Improper Access Control vulnerability in the kernel of SUSE SUSE Linux Enterprise Server 12 SP5 breaks nftables, causing firewall rules applied via nftables to not be effective.This issue affects SUSE Linux Enterprise Server: from 9e6d9d4601768c75fdb0bad3fbbe636e748939c2 before 9c294edb7085fb91650bc12233495a8974c5ff2d.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.20% probability of exploitation · percentile 10.3% · 2026-06-21T12:00:28Z
Published2026-03-05
Last modified2026-03-09

Underlying weaknesses· 1

CWE-284

References

  1. https://bugzilla.suse.com/show_bug.cgi?id=CVE-2026-25702

1

TypeTargetConfidenceTier
WeaknessImproper Access Controlcwe-2840%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Linux Kernel Use-After-Free Vulnerability
CVE
CVE-2026-46324
CVE
CVE-2026-23231
CVE
CVE-2026-23112
CVE
CVE-2026-43391
CVE
CVE-2026-43403
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.