CVE-2026-7424 · HIGH 8.1 · EPSS p12.7%

Description

Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, and lease times, and to cause a denial of service (permanent IP task freeze requiring hardware reset) by sending a single crafted DHCPv6 packet. The issue is present whenever DHCPv6 is enabled. To mitigate this issue, users should upgrade to version V4.2.6 or V4.4.1 or newer.

Scoring

CVSS 3.1: 8.1 (HIGH)
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
EPSS: 0.22% probability of exploitation · percentile 12.7% · 2026-06-19T12:03:05Z
Published: 2026-04-29
Last modified: 2026-05-04

Underlying weaknesses · 1

CWE-191

References

  1. https://aws.amazon.com/security/security-bulletins/2026-022-aws/
  2. https://github.com/FreeRTOS/FreeRTOS-Plus-TCP/releases/tag/V4.2.6
  3. https://github.com/FreeRTOS/FreeRTOS-Plus-TCP/releases/tag/V4.4.1
  4. https://github.com/FreeRTOS/FreeRTOS-Plus-TCP/security/advisories/GHSA-wrhm-c99p-2p8g

Type | Target | Confidence | Tier
Weakness | Integer Underflow (Wrap or Wraparound) (cwe-191) | 0% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE-2026-7426
  2. CVE-2026-4892
  3. CVE-2026-25833
  4. CVE-2026-29004
  5. CVE-2025-1674
  6. CVE-2025-1058

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.