Out-of-bounds Read in Sonicwall Sonicos

CVE-2026-0402

A post-authentication Out-of-bounds Read vulnerability in SonicOS allows a remote attacker to crash a firewall.

Vulnerability class: Buffer Overflow

EPSS: 0.003 (49.6th percentile) — read the EPSS interpretation.

Affected products

Sonicwall Sonicos — versions 7.0.1-5169 and older versions, 7.3.1-7013 and older versions, 8.1.0-8017 and older versions

Weakness classification (CWE)

CWE-125 — Out-of-bounds Read

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0001 (vendor-advisory)