CVE-2026-45254— Incorrect libcap_net limitation list manipulation

AI Predicted 7.8 Difficulty: Moderate EPSS 0.03% · P9 Updated May 22, 2026

Possible ATT&CK Techniques 1AI

T1068 · Exploitation for Privilege Escalation

Affected Version Matrix 3

Vendor	Product	Version Range	Status
FreeBSD	FreeBSD	`15.0-RELEASE< p9`	affected
		`14.4-RELEASE< p5`	affected
		`14.3-RELEASE< p14`	affected

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-45254

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Incorrect libcap_net limitation list manipulation

Source: NVD (National Vulnerability Database)

Vulnerability Description

In the case of the cap_net service, when a key present in the old limit was omitted from the new limit, the missing key was treated as "allow any" instead of being rejected. In certain scenarios, an application that had previously restricted a subset of network operations could ask for a new limit that extended the permissions of the process.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

特权管理不恰当

Source: NVD (National Vulnerability Database)

Vulnerability Title

FreeBSD 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

FreeBSD是FreeBSD基金会的一套类Unix操作系统。 FreeBSD存在安全漏洞，该漏洞源于cap_net服务中，当新限制省略旧限制中的键时，缺失键被当作允许任何操作处理，可能导致先前限制部分网络操作的应用程序请求新限制时扩展进程权限。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
FreeBSD	FreeBSD	15.0-RELEASE ~ p9	-

II. Public POCs for CVE-2026-45254

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-45254

请登录查看更多情报信息。

Vendor Advisories for CVE-2026-45254 (1)

🔗 https://security.freebsd.org/advisories/FreeBSD-SA-26:24.cap_net.asc Read full article vendor-advisory

https://nvd.nist.gov/vuln/detail/CVE-2026-45254

Same Patch Batch · FreeBSD · 2026-05-21 · 7 CVEs total

CVE-2026-45250		Stack buffer overflow via setcred(2)
CVE-2026-45252		Heap overflow in FUSE_LISTXATTR
CVE-2026-45255		Remote code execution via installer Wi-Fi access point scans
CVE-2026-45251		Kernel use-after-free via file descriptor syscalls
CVE-2026-45253		Missing validation in ptrace(PT_SC_REMOTE)
CVE-2026-39461		select(2) file descriptor set overflow causes stack overflow

IV. Related Vulnerabilities

Same product: FreeBSD

Same vendor: FreeBSD

Same weakness: CWE-269

V. Comments for CVE-2026-45254

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-45254— Incorrect libcap_net limitation list manipulation

Possible ATT&CK Techniques 1AI

Affected Version Matrix 3

I. Basic Information for CVE-2026-45254

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-45254

III. Intelligence Information for CVE-2026-45254

Vendor Advisories for CVE-2026-45254 (1)

Same Patch Batch · FreeBSD · 2026-05-21 · 7 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2026-45254

Leave a comment