CVE Catalog
CVE-2026-44932
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk0.49%
38th percentile - higher than 38% of all known CVEs
Summary
Passing of unsanitized strings from DHCP replies into the wicked dhcp client before version 0.6.79 could be exploited by attackers operating a malicious DHCP server to execute code on the local machine.
Risk Assessment
Attackers could gain remote access to the system, potentially leading to full control over the machine and data leakage.
Recommendation
It is recommended to update the wicked DHCP client to version 0.6.79 or later to mitigate this vulnerability.
Original NVD description (English source)
Passing of unsanitized strings from DHCP replies into the wicked dhcp client before wicked 0.6.79 could be used by attackers operating a malicious DHCP server to execute code on the local machine.

