Vulnerability in Freebsd

CVE-2026-2261

Due to a programming error, blocklistd leaks a socket descriptor for each adverse event report it receives. Once a certain number of leaked sockets is reached, blocklistd becomes unable to run the helper script: a child process is forked…

EPSS: 0.000 (9.5th percentile) — read the EPSS interpretation.

Affected products

Freebsd — versions 15.0-RELEASE

Weakness classification (CWE)

CWE-772 — Missing Release of Resource after Effective Lifetime

References

security.freebsd.org/advisories/FreeBSD-SA-26:03.blocklistd.asc (vendor-advisory)