NetBSD
This hub aggregates every CVE we track for NetBSD, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 170
- Critical: 19
- High: 51
- In CISA KEV: 0
Severity distribution
- MEDIUM: 65
- HIGH: 51
- LOW: 35
- CRITICAL: 19
Monthly trend
[Chart: 2024-07 to 2026-06]
Latest CVEs
The 15 most recently published vulnerabilities affecting NetBSD.
- CVE-2026-32772: telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR. (score 3.4)
- CVE-2024-6387: OpenSSH: regreSSHion - race condition in ssh allows RCE/DoS (score 8.1)
- CVE-2021-45484: In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG. (score 7.5)
- CVE-2021-45487: In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures. (score 7.5)
- CVE-2021-45488: In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm. (score 7.5)
- CVE-2021-45489: In NetBSD through 9.2, the IPv6 Flow Label generation algorithm employs a weak cryptographic PRNG. (score 7.5)
- CVE-2020-26139: An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might ... (score 5.3)
- CVE-2012-5363: The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a ... (score 7.5)
- CVE-2012-5365: The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets conta... (score 7.5)
- CVE-2011-2480: Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl a... (score 7.5)
- CVE-2017-1000374: A flaw exists in NetBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using certain setuid binaries. This affects NetBSD 7.1 and ... (score 9.8)
- CVE-2017-1000375: NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled, this allows attackers to more easily manipulate memory leading to arbitrary code execution. This... (score 9.8)
- CVE-2017-1000378: The NetBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This all... (score 9.8)
- CVE-2016-6253: mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on ... (score 7.8)
- CVE-2015-8212: CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows remote attackers to execute arbitrary code via crafted arguments, which are handled by a non-CGI aware ... (score 9.8)
Product normalization is registry-driven with AI assist and human review.