CVE-2026-45254

Published May 21, 2026

Last updated 4 days ago

CVSS medium 6.5

Overview

Description: In the case of the cap_net service, when a key present in the old limit was omitted from the new limit, the missing key was treated as "allow any" instead of being rejected. In certain scenarios, an application that had previously restricted a subset of network operations could ask for a new limit that extended the permissions of the process.
Source: secteam@freebsd.org
NVD status: Analyzed
Products: freebsd

Risk scores

CVSS 3.1

Type: Secondary
Base score: 6.5
Impact score: 2.5
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Severity: MEDIUM

Weaknesses

secteam@freebsd.org: CWE-269

Hype score: Not currently trending

The FreeBSD project released a number of security advisories yesterday. We're still reviewing them. So far, one does not impact MidnightBSD (setcred), and two more do: CVE-2026-39461 (libcasper) and CVE-2026-45254. We've patched the latter in git on master and stable/4.0
@midnightbsd
22 May 2026
133 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.3:-:*:*:*:*:*:*",
            "matchCriteriaId": "9DC7C54E-58AF-4ADE-84AF-0EF0F325E20E",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.3:p1:*:*:*:*:*:*",
            "matchCriteriaId": "D3D22B8C-36CF-4800-9673-0B0240558BDD",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.3:p10:*:*:*:*:*:*",
            "matchCriteriaId": "7296F5AA-F8C1-4277-A4EE-C2B24073A320",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.3:p11:*:*:*:*:*:*",
            "matchCriteriaId": "C30E4A9C-0594-4F40-92B3-26CB9AA85AE9",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.3:p12:*:*:*:*:*:*",
            "matchCriteriaId": "9F83F91B-587A-433C-99DB-0D63E267FF16",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.3:p13:*:*:*:*:*:*",
            "matchCriteriaId": "44B9C2FC-756E-459F-8E68-C2C2B8C258AC",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.3:p2:*:*:*:*:*:*",
            "matchCriteriaId": "242FA2A8-5D7D-4617-A411-2651FF3A3E4C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.3:p3:*:*:*:*:*:*",
            "matchCriteriaId": "40573F60-F3B7-4AEC-846A-B08E5B7D9D00",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.3:p4:*:*:*:*:*:*",
            "matchCriteriaId": "1FB832CE-0A98-44A2-8BAC-CD38A64279B6",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.3:p5:*:*:*:*:*:*",
            "matchCriteriaId": "9A785F8E-C218-41AE-8D57-BF06DDAEF7CB",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.3:p6:*:*:*:*:*:*",
            "matchCriteriaId": "C3909FDD-B2A2-45B6-A40B-1D303A717F15",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.3:p7:*:*:*:*:*:*",
            "matchCriteriaId": "720597A2-F181-46E1-8A0D-097E17ADC4FB",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.3:p8:*:*:*:*:*:*",
            "matchCriteriaId": "DC8A75D0-148A-427A-9783-45477EABED21",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.3:p9:*:*:*:*:*:*",
            "matchCriteriaId": "F5D39FC9-6DBA-46C8-BB80-A6188E6A8527",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.4:-:*:*:*:*:*:*",
            "matchCriteriaId": "8F3856BE-666F-4FA1-A6AD-FE179CEBF1E4",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.4:p1:*:*:*:*:*:*",
            "matchCriteriaId": "D9CC0037-3282-42C3-80D8-F6C1D43B9332",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.4:p2:*:*:*:*:*:*",
            "matchCriteriaId": "1EADA828-3C20-43C0-A0CA-3AC7D7F23DBD",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.4:p3:*:*:*:*:*:*",
            "matchCriteriaId": "53D73FD2-4B06-47D3-BA2A-4363E9DE3565",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.4:p4:*:*:*:*:*:*",
            "matchCriteriaId": "D726890B-E679-43A9-A211-D5C05BBE3941",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:14.4:rc1:*:*:*:*:*:*",
            "matchCriteriaId": "0342A715-E211-4AF6-97ED-32EB9EBB947D",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:15.0:-:*:*:*:*:*:*",
            "matchCriteriaId": "368CFE5D-C5C2-42AF-AAF4-28DFE1A59C3B",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:15.0:p1:*:*:*:*:*:*",
            "matchCriteriaId": "AA4AAA57-70A7-4717-ACF2-A253E757FF2C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:15.0:p2:*:*:*:*:*:*",
            "matchCriteriaId": "E24ABFA6-4D12-4DE5-832B-438502C7D188",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:15.0:p3:*:*:*:*:*:*",
            "matchCriteriaId": "C1C9869C-494B-4628-9AA3-4AA5B989C377",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:15.0:p4:*:*:*:*:*:*",
            "matchCriteriaId": "002AA2FE-C7BA-471A-9434-0E56A878ACBF",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:15.0:p5:*:*:*:*:*:*",
            "matchCriteriaId": "B187670D-E3A2-4A0D-A653-982F8B447E78",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:15.0:p6:*:*:*:*:*:*",
            "matchCriteriaId": "047E7EE9-FB51-4CF2-A8BE-484BFD819565",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:15.0:p7:*:*:*:*:*:*",
            "matchCriteriaId": "2C9768AE-9954-4B2A-9525-D7D4942406E7",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:freebsd:freebsd:15.0:p8:*:*:*:*:*:*",
            "matchCriteriaId": "F8B9EF55-3755-452A-B067-043803099B22",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References