Wicked
This hub aggregates every CVE we track for Wicked, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
Operating Systemson-prem
4
CVEs tracked
0
Critical
3
High
0
In CISA KEV
Severity distribution
HIGH3MEDIUM1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
2024-072026-06
Latest CVEs
The 4 most recently published vulnerabilities affecting Wicked.
- CVE-2026-44932indirect remote shell command injection via unsanitized DHCP options in wicked8.8
- CVE-2020-7217An ni_dhcp4_fsm_process_dhcp4_packet memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets with a different client-id.7.5
- CVE-2020-7216An ni_dhcp4_parse_response memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets without a message type option.7.5
- CVE-2013-4413Directory traversal vulnerability in controller/concerns/render_redirect.rb in the Wicked gem before 1.0.1 for Ruby allows remote attackers to read arbitrary files via a %2E%2E%2F (encoded dot dot ...5.0
Product normalization is registry-driven with AI assist and human review. How it works