top of page
perceptive_background_267k.jpg

When processing the header of an incoming message, libnv failed to properly validate the message size.

The lack of validation allows a malicious program to wri…

Published:

29 April 2026 at 22:00:00

Alert date:

30 April 2026 at 15:02:17

Source:

nvd.nist.gov

Click to open the original link from this advisory

Operating Systems

CVE-2026-35547 is a vulnerability in FreeBSD's libnv library where improper validation of incoming message headers allows heap buffer overflow attacks. The flaw occurs during message size validation, enabling malicious programs to write beyond allocated heap boundaries. This can result in system crashes, kernel panics, or potential privilege escalation for unprivileged users. The vulnerability affects the core libnv library used for message processing in FreeBSD systems.

Technical details

Mitigation steps:

Affected products:

FreeBSD libnv

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-35547
https://security.freebsd.org/advisories/FreeBSD-SA-26:17.libnv.asc

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page