A critical remote kernel RCE vulnerability, CVE-2026-4747, has been discovered in FreeBSD's RPCSEC_GSS implementation. The flaw exists in the `svc_rpc_gss_validate` function, where a buffer overflow can occur when processing RPC headers for GSS-API signature verification. This vulnerability is reachable over the network via the NFS server, potentially allowing an attacker to execute arbitrary code with root privileges on affected FreeBSD systems. AI
Summary written by gemini-2.5-flash-lite from 1 source. How we write summaries →
IMPACT This vulnerability could allow attackers to gain root access to FreeBSD systems, impacting any services relying on its security, including those that might host AI models or infrastructure.
RANK_REASON Discovery of a specific CVE detailing a remote kernel RCE vulnerability in a widely used operating system. [lever_c_demoted from research: ic=1 ai=0.4]