{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-44932", "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "state": "PUBLISHED", "assignerShortName": "suse", "dateReserved": "2026-05-08T12:29:48.966Z", "datePublished": "2026-06-16T15:26:51.919Z", "dateUpdated": "2026-06-18T03:55:34.354Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse", "dateUpdated": "2026-06-16T15:26:51.919Z"}, "title": "indirect remote shell command injection via unsanitized DHCP options in wicked", "datePublic": "2026-06-10T15:15:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-78", "description": "CWE-78", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-242", "descriptions": [{"lang": "en", "value": "CAPEC-242 Code Injection"}]}], "affected": [{"vendor": "SUSE", "product": "wicked", "collectionURL": "https://github.com/openSUSE/wicked", "packageName": "wicked", "repo": "https://github.com/openSUSE/wicked", "modules": ["dhcp handling"], "versions": [{"status": "affected", "version": "0", "lessThan": "0.6.79", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Passing of unsanitized strings from DHCP replies into the wicked dhcp client before wicked 0.6.79 could be used by attackers operating a malicious DHCP server to execute code on the local machine.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<div>Passing of unsanitized strings from DHCP replies into the wicked dhcp client before wicked 0.6.79 could be used by attackers operating a malicious DHCP server to execute code on the local machine.</div>"}]}], "references": [{"url": "https://bugzilla.suse.com/show_bug.cgi?id=1265221", "tags": ["issue-tracking"]}, {"url": "https://github.com/openSUSE/wicked/releases/tag/version-0.6.79", "tags": ["release-notes"]}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026688.html", "tags": ["vendor-advisory"]}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026689.html", "tags": ["vendor-advisory"]}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026690.html", "tags": ["vendor-advisory"]}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026691.html", "tags": ["vendor-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}], "credits": [{"lang": "en", "value": "Wolfgang Frisch using Claude Opus", "type": "finder"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.2"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-06-17T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2026-44932"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-18T03:55:34.354Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-44932", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-06-16T17:53:04.261745Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-16T17:53:09.439Z"}}], "cna": {"title": "indirect remote shell command injection via unsanitized DHCP options in wicked", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Wolfgang Frisch using Claude Opus"}], "impacts": [{"capecId": "CAPEC-242", "descriptions": [{"lang": "en", "value": "CAPEC-242 Code Injection"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/openSUSE/wicked", "vendor": "SUSE", "modules": ["dhcp handling"], "product": "wicked", "versions": [{"status": "affected", "version": "0", "lessThan": "0.6.79", "versionType": "semver"}], "packageName": "wicked", "collectionURL": "https://github.com/openSUSE/wicked", "defaultStatus": "unaffected"}], "datePublic": "2026-06-10T15:15:00.000Z", "references": [{"url": "https://bugzilla.suse.com/show_bug.cgi?id=1265221", "tags": ["issue-tracking"]}, {"url": "https://github.com/openSUSE/wicked/releases/tag/version-0.6.79", "tags": ["release-notes"]}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026688.html", "tags": ["vendor-advisory"]}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026689.html", "tags": ["vendor-advisory"]}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026690.html", "tags": ["vendor-advisory"]}, {"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026691.html", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 1.0.2"}, "descriptions": [{"lang": "en", "value": "Passing of unsanitized strings from DHCP replies into the wicked dhcp client before wicked 0.6.79 could be used by attackers operating a malicious DHCP server to execute code on the local machine.", "supportingMedia": [{"type": "text/html", "value": "<div>Passing of unsanitized strings from DHCP replies into the wicked dhcp client before wicked 0.6.79 could be used by attackers operating a malicious DHCP server to execute code on the local machine.</div>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78"}]}], "providerMetadata": {"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse", "dateUpdated": "2026-06-16T15:26:51.919Z"}}}, "cveMetadata": {"cveId": "CVE-2026-44932", "state": "PUBLISHED", "dateUpdated": "2026-06-18T03:55:34.354Z", "dateReserved": "2026-05-08T12:29:48.966Z", "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "datePublished": "2026-06-16T15:26:51.919Z", "assignerShortName": "suse"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Passing of unsanitized strings from DHCP replies into the wicked dhcp client before wicked 0.6.79 could be used by attackers operating a malicious DHCP server to execute code on the local machine."}], "id": "CVE-2026-44932", "lastModified": "2026-06-16T17:37:16.933", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "meissner@suse.de", "type": "Secondary"}]}, "published": "2026-06-16T17:16:40.953", "references": [{"source": "meissner@suse.de", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1265221"}, {"source": "meissner@suse.de", "url": "https://github.com/openSUSE/wicked/releases/tag/version-0.6.79"}, {"source": "meissner@suse.de", "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026688.html"}, {"source": "meissner@suse.de", "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026689.html"}, {"source": "meissner@suse.de", "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026690.html"}, {"source": "meissner@suse.de", "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026691.html"}], "sourceIdentifier": "meissner@suse.de", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "meissner@suse.de", "type": "Primary"}]}

{"bugzilla": {"description": "wicked: wicked: Arbitrary code execution via unsanitized DHCP replies", "id": "2489320", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2489320"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-94", "details": ["Passing of unsanitized strings from DHCP replies into the wicked dhcp client before wicked 0.6.79 could be used by attackers operating a malicious DHCP server to execute code on the local machine.", "A flaw was found in the wicked DHCP client. A remote attacker, by operating a malicious Dynamic Host Configuration Protocol (DHCP) server, could send specially crafted DHCP replies containing unsanitized strings. This vulnerability allows the attacker to execute arbitrary code on the local machine, potentially leading to a complete compromise of the affected system."], "mitigation": {"lang": "en:us", "value": "To mitigate this issue, configure systems with static IP addresses instead of relying on DHCP, especially when operating on untrusted network segments. Alternatively, ensure that DHCP services are only obtained from trusted and controlled network environments. If a service is restarted or the network configuration is reloaded, these changes will take effect."}, "name": "CVE-2026-44932", "public_date": "2026-06-16T15:26:51Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-44932\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-44932\nhttps://bugzilla.suse.com/show_bug.cgi?id=1265221\nhttps://github.com/openSUSE/wicked/releases/tag/version-0.6.79\nhttps://lists.suse.com/pipermail/sle-security-updates/2026-June/026688.html\nhttps://lists.suse.com/pipermail/sle-security-updates/2026-June/026689.html\nhttps://lists.suse.com/pipermail/sle-security-updates/2026-June/026690.html\nhttps://lists.suse.com/pipermail/sle-security-updates/2026-June/026691.html"], "statement": "This Important vulnerability in the wicked DHCP client allows a remote attacker to achieve arbitrary code execution on a system configured to obtain an IP address from a malicious DHCP server. By sending specially crafted DHCP replies, an attacker can exploit unsanitized strings, leading to a complete compromise of the affected system. This risk is primarily present in environments where systems are exposed to untrusted DHCP servers.", "threat_severity": "Important"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,0.6.79)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "wicked", "source": "cna", "vendor": "SUSE"}, "product": "wicked", "vendor": "suse"}], "created": "2026-06-17T22:30:13.699187+00:00", "updated": "2026-06-26T09:45:13.741645+00:00", "vendors": ["suse", "suse$PRODUCT$wicked"]}