CVE-2026-0399

MEDIUM

Multiple post-authentication stack-based buffer overflow vulnerabilities in the SonicOS management interface due to improper bounds checking in a API endpoint.

CVSS v3.1 Score

4.9

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Complexity

LOW

Privileges

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Published: 2/24/2026Modified: 2/26/2026

Related Intelligence (1)

HIGHVulnerability

Google Project Zero Discloses Linux Kernel Zero-Day in eBPF Subsystem

Google Project Zero discloses a critical privilege escalation in the Linux kernel eBPF verifier. Affects cloud workloads, containers, and Android.

CVE-2026-0399Linux Kernel 5.15-6.8

Feb 28, 2026Google Project Zero

References (1)

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0001Vendor Advisory

Command Palette

CVE-2026-0399

CVSS v3.1 Score

Related Intelligence (1)

Google Project Zero Discloses Linux Kernel Zero-Day in eBPF Subsystem

References (1)