{"vulnerability": "cve-2026-7270", "sightings": [{"uuid": "d26eabe6-bbcd-4c4a-8064-cc898d189d24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-7270", "type": "seen", "source": "https://swecyb.com/ap/users/116080658609901341/statuses/116534940626646604", "content": "(calif.io) CVE-2026-7270: Root Privilege Escalation in FreeBSD via Kernel Memory Corruption in execve()\nNew critical LPE in FreeBSD: CVE-2026-7270 enables root access via a one-character error in `execve()` kernel handling. Exploit targets `sshd-session` with `LD_PRELOAD` injection through a race condition.\nIn brief - CVE-2026-7270 is a local privilege escalation flaw in FreeBSD (since 2013) caused by a sign error in `execve()` memory handling. Attackers can corrupt kernel memory during shebang script execution, inject `LD_PRELOAD`, and gain root via `sshd-session`. Affects default installations.\nTechnically - The bug in `sys/kern/kern_exec.c` (`exec_args_adjust_args`) miscalculates `memmove` size (`+ consume` instead of `- consume`), causing a 2,024-byte overflow into an adjacent `exec_map` entry. Exploit preseeds kernel memory at offset 265,166 bytes to replace `sshd-session` environment with `LD_PRELOAD=/tmp/evil.so`. Race condition optimized via fragmented argument strings to slow `execve` calls. Challenges include avoiding `MADV_FREE` under memory pressure and a 3.1% panic risk. PoC achieves root in seconds.\nSource: https://blog.calif.io/p/cve-2026-7270-how-i-get-root-on-freebsd\n#Cybersecurity #ThreatIntel", "creation_timestamp": "2026-05-07T19:29:19.325637Z"}, {"uuid": "6eb383e4-1b42-4e47-8986-e2d7111c53d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7270", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mkqf5kghxy2z", "content": "\ud83d\udfe0 CVE-2026-7270 - High (7.8)\n\nAn operator precedence bug in the kernel results in a scenario where a buffer overflow causes att...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-7270/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-04-30T19:50:35.198516Z"}, {"uuid": "768a44b2-96cb-4ee2-b992-d105eb987bd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7270", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mkzuipjhgo2f", "content": "~Cybergcca~\nCCCS released 5 advisories covering critical updates for IBM, Dell, FreeBSD, Ubuntu, and CISA ICS products.\n-\nIOCs: CVE-2026-42511, CVE-2026-7270, CVE-2026-7164\n-\n#PatchManagement #ThreatIntel #Vulnerability", "creation_timestamp": "2026-05-04T14:19:13.140724Z"}, {"uuid": "625010db-f7c6-4dbd-b935-51c538864c7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-7270", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/freebsd-security-advisory-av26-415", "content": "", "creation_timestamp": "2026-05-04T06:44:59.000000Z"}, {"uuid": "ef6015cb-77d7-469b-9d0d-ac2c3f6de31f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7270", "type": "seen", "source": "https://bsky.app/profile/hn-frontpage-bot.bsky.social/post/3mlhtu5ejtf2x", "content": "A FreeBSD security advisory details a local privilege escalation vulnerability (CVE-2026-7270) in the execve() system call. An unprivileged user could exploit an operator precedence bug leading to a buffer overflow, potentially gaining superuser privileges. Users are advised to update their systems.", "creation_timestamp": "2026-05-10T03:44:58.994959Z"}, {"uuid": "9b2412ce-d290-45a0-9028-501bd9188080", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7270", "type": "seen", "source": "https://bsky.app/profile/imil.net/post/3mlczqxgg2c2i", "content": "CVE-2026-7270: root on FreeBSD with a shell script :(\nblog.calif.io/p/cve-2026-7...", "creation_timestamp": "2026-05-08T05:47:16.209110Z"}, {"uuid": "1d33ad11-4217-4f04-af4a-de0544ec6130", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7270", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mlf77ax52d2i", "content": "Top 3 CVE for last 7 days:\nCVE-2026-31431: 202 interactions\nCVE-2026-0073: 79 interactions\nCVE-2026-41940: 66 interactions\n\n\nTop 3 CVE for yesterday:\nCVE-2026-0073: 66 interactions\nCVE-2026-43284: 61 interactions\nCVE-2026-7270: 32 interactions\n", "creation_timestamp": "2026-05-09T02:30:09.062117Z"}, {"uuid": "b6afbcb6-880b-4ef9-84bf-fa347c22b7fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7270", "type": "seen", "source": "https://t.me/S_E_Reborn/6346", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u043c \u0432\u044b\u0437\u043e\u0432\u0435 execve, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0430\u044f root-\u0434\u043e\u0441\u0442\u0443\u043f \u0432\u043e FreeBSD\n\n\u0412\u043e FreeBSD \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2026-7270), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u044f\u0434\u0440\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c root-\u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0435. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0438 FreeBSD, \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0441 2013 \u0433\u043e\u0434\u0430. \u0412 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435 \u0440\u0430\u0437\u043c\u0435\u0449\u0451\u043d \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442, \u0440\u0430\u0431\u043e\u0442\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u0435\u043d\u0430 \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0441 FreeBSD 11.0 \u043f\u043e 14.4. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u0445 FreeBSD 15.0-RELEASE-p7, 14.4-RELEASE-p3, 14.3-RELEASE-p12 \u0438 13.5-RELEASE-p13. \u0414\u043b\u044f \u0431\u043e\u043b\u0435\u0435 \u0441\u0442\u0430\u0440\u044b\u0445 \u0432\u0435\u0442\u043e\u043a \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u0430\u0442\u0447.\n\n \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435:\nhttps://opennet.ru/65408/\nhttps://opennet.me/65408/", "creation_timestamp": "2026-05-09T12:50:32.000000Z"}, {"uuid": "c665e736-3a41-43b8-88b7-12ee8bce9ed5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7270", "type": "seen", "source": "Telegram/Yr-1pp_OQlsAxCk9olefEOIlRJklCfDEolOYJn0mNy08hY4", "content": "", "creation_timestamp": "2026-05-09T09:00:04.000000Z"}, {"uuid": "49c7fe25-2ffa-4078-90b6-20e5d9dffb90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7270", "type": "seen", "source": "https://t.me/bdufstecru/3151", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 exec_args_adjust_args() \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c FreeBSD \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u043e\u0439 \u043f\u0440\u0438\u043e\u0440\u0438\u0442\u0435\u0442\u0430 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u043e\u0432. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438\n\nBDU:2026-06463\nCVE-2026-7270\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://www.freebsd.org/security/advisories/FreeBSD-SA-26:13.exec.asc", "creation_timestamp": "2026-05-12T14:22:35.000000Z"}]}