{"uuid": "f4a08892-d212-4e61-a6e3-6143b7b85773", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42511", "type": "seen", "source": "https://infosec.exchange/users/wdormann/statuses/116675497913967123", "content": "Not even mentioned in the blog post because Calif didn't discover them are two more LPEs:CVE-2026-6386 - amd64CVE-2026-5398 - tty\nAnd an RCE in dhclient (\ud83d\ude2e)CVE-2026-42511 - dhclient\nThat's right, a malicious DHCP server on your network can run commands as root on FreeBSD that isn't fully patched. (Yes, I ran dhclient as root here to demonstrate the vul, but the same thing would happen automatically with a couple of boots of the victim).", "creation_timestamp": "2026-06-01T15:15:43.510563Z"}