All 9 CVE vulnerabilities found in Kea, with AI-generated Chinese analysis, references, and POCs.
Vendor: ISC
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2026-3608 | Stack overflow in Kea daemons CWE-617 | 7.5 | High | 2026-03-25 |
| CVE-2025-11232 | Invalid characters cause assert CWE-823 | 7.5 | High | 2025-10-29 |
| CVE-2025-40779 | Kea crash upon interaction between specific client options and subnet selection CWE-476 | 7.5 | High | 2025-08-27 |
| CVE-2025-32803 | Insecure file permissions can result in confidential information leakage CWE-276 | 4.0 | Medium | 2025-05-28 |
| CVE-2025-32802 | Insecure handling of file paths allows multiple local attacks CWE-73 | 6.1 | Medium | 2025-05-28 |
| CVE-2025-32801 | Loading a malicious hook library can lead to local privilege escalation CWE-94 | 7.8 | High | 2025-05-28 |
| CVE-2019-6472 | A packet containing a malformed DUID can cause the kea-dhcp6 server to terminate | 6.5 | Medium | 2019-10-16 |
| CVE-2019-6473 | A packet containing a malformed DUID can cause the kea-dhcp6 server to terminate | 6.5 | Medium | 2019-10-16 |
| CVE-2019-6474 | A packet containing a malformed DUID can cause the kea-dhcp6 server to terminate | 5.7 | Medium | 2019-10-16 |
All 9 known CVE vulnerabilities affecting Kea with full Chinese analysis, references, and POCs where available.