CVE-2026-10805
Networkmanager: networkmanager: local privilege escalation via malformed mud urls in dhclient backend
CVSS Score
6.7
EPSS Score
0.0%
EPSS Percentile
0th
A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description (MUD) URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL, provided an administrator has explicitly configured NetworkManager to use dhclient. This issue does not affect default configurations of NetworkManager.
| CWE | CWE-78 |
| Vendor | red hat |
| Product | multicluster engine for kubernetes |
| Published | Jun 4, 2026 |
| Last Updated | Jun 4, 2026 |
Stay Ahead of the Next One
Get instant alerts for red hat multicluster engine for kubernetes
Be the first to know when new medium vulnerabilities affecting red hat multicluster engine for kubernetes are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected Versions
Red Hat / Multicluster Engine for Kubernetes
All versions affected Red Hat / Red Hat Enterprise Linux 10
All versions affected Red Hat / Red Hat Enterprise Linux 10
All versions affected Red Hat / Red Hat Enterprise Linux 10
All versions affected Red Hat / Red Hat Enterprise Linux 10
All versions affected Red Hat / Red Hat Enterprise Linux 6
All versions affected Red Hat / Red Hat Enterprise Linux 6
All versions affected Red Hat / Red Hat Enterprise Linux 7
All versions affected Red Hat / Red Hat Enterprise Linux 7
All versions affected Red Hat / Red Hat Enterprise Linux 8
All versions affected Red Hat / Red Hat Enterprise Linux 8
All versions affected Red Hat / Red Hat Enterprise Linux 9
All versions affected Red Hat / Red Hat Enterprise Linux 9
All versions affected Red Hat / Red Hat Enterprise Linux 9
All versions affected Red Hat / Red Hat Enterprise Linux 9
All versions affected Red Hat / Red Hat JBoss Enterprise Application Platform Expansion Pack
All versions affected Red Hat / Red Hat OpenShift Container Platform 4
All versions affected Red Hat / Red Hat OpenShift Container Platform 4
All versions affected Red Hat / Red Hat OpenShift Container Platform 4
All versions affected Red Hat / Red Hat OpenShift Container Platform 4
All versions affected Red Hat / Red Hat OpenShift Container Platform 4
All versions affected Red Hat / Red Hat OpenShift Container Platform 4
All versions affected Red Hat / Red Hat OpenShift Container Platform 4
All versions affected Red Hat / Red Hat OpenShift Container Platform 4
All versions affected Red Hat / Red Hat OpenShift Container Platform 4
All versions affected Red Hat / Red Hat OpenShift Container Platform 4
All versions affected