CVE-2026-25621
published 2026-06-05
CVE-2026-25621: A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW) due to insecure input…
Priority P4 · 32 · medium · 6 · CVSS 3.1
AV:N / AC:L / PR:H / UI:N / S:U / C:H / I:L / A:L
EPSS
0.22%
12.6th percentile
A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW) due to insecure input validation. This issue uniquely affects version 17.4.0; earlier software releases are not exposed.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arista | ng_firewall | — | — |
| arista_networks | arista_edge_threat_management_arista_next_generation_firewall | — | — |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 6.0 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L |
| nvd | v4.0 | 7.0 | HIGH | CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:X/R:X/V:X/RE:X/U:X |
VulDB
Arista Edge Threat Management 17.4.0 os command injection
vuldb·2026-06-06·CVSS 7.0
CVE-2026-25621 [HIGH] Arista Edge Threat Management 17.4.0 os command injection
A vulnerability, which was classified as critical, was found in Arista Edge Threat Management 17.4.0. Impacted is an unknown function. The manipulation results in os command injection.
This vulnerability is known as CVE-2026-25621. It is possible to launch the attack remotely. No exploit is available.
GHSA
A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW) due to insecure input validation.
ghsa_unreviewed·2026-06-05
CVE-2026-25621 [HIGH] CWE-78 A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW) due to insecure input validation.
A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW) due to insecure input validation. This issue uniquely affects version 17.4.0; earlier software releases are not exposed.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2024-25621 cri-o1.30: containerd local privilege escalation [fedora-42]
bugzilla·2025-12-04·CVSS 7.8
CVE-2024-25621 [HIGH] CVE-2024-25621 cri-o1.30: containerd local privilege escalation [fedora-42]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
The following link provides references to all essential vulnerability management information. If something is wrong or missing, please contact a member of PSIRT.
https://spaces.redhat.com/display/PRODSEC/Vulnerability+Management+-+Essential+Documents+for+Engineering+Teams
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy to close all bug reports from
Bugzilla
CVE-2024-25621 helm: containerd local privilege escalation [fedora-42]
bugzilla·2025-12-04·CVSS 7.8
CVE-2024-25621 [HIGH] CVE-2024-25621 helm: containerd local privilege escalation [fedora-42]
Bugzilla
CVE-2024-25621 cri-o1.31: containerd local privilege escalation [fedora-42]
bugzilla·2025-12-04·CVSS 7.8
CVE-2024-25621 [HIGH] CVE-2024-25621 cri-o1.31: containerd local privilege escalation [fedora-42]
Bugzilla
CVE-2024-25621 cri-o: containerd local privilege escalation [fedora-42]
bugzilla·2025-12-04·CVSS 7.8
CVE-2024-25621 [HIGH] CVE-2024-25621 cri-o: containerd local privilege escalation [fedora-42]
Bugzilla
CVE-2024-25621 kata-containers: containerd local privilege escalation [fedora-42]
bugzilla·2025-12-04·CVSS 7.8
CVE-2024-25621 [HIGH] CVE-2024-25621 kata-containers: containerd local privilege escalation [fedora-42]
Bugzilla
CVE-2024-25621 cri-o1.29: containerd local privilege escalation [fedora-42]
bugzilla·2025-12-04·CVSS 7.8
CVE-2024-25621 [HIGH] CVE-2024-25621 cri-o1.29: containerd local privilege escalation [fedora-42]
Bugzilla
CVE-2024-25621 pack: containerd local privilege escalation [fedora-42]
bugzilla·2025-12-04·CVSS 7.8
CVE-2024-25621 [HIGH] CVE-2024-25621 pack: containerd local privilege escalation [fedora-42]
Bugzilla
CVE-2024-25621 manifest-tool: containerd local privilege escalation [fedora-42]
bugzilla·2025-12-04·CVSS 7.8
CVE-2024-25621 [HIGH] CVE-2024-25621 manifest-tool: containerd local privilege escalation [fedora-42]
Bugzilla
CVE-2024-25621 golang-github-containerd: containerd local privilege escalation [fedora-42]
bugzilla·2025-12-04·CVSS 7.8
CVE-2024-25621 [HIGH] CVE-2024-25621 golang-github-containerd: containerd local privilege escalation [fedora-42]
Bugzilla
CVE-2024-25621 golang-gvisor: containerd local privilege escalation [fedora-42]
bugzilla·2025-12-04·CVSS 7.8
CVE-2024-25621 [HIGH] CVE-2024-25621 golang-gvisor: containerd local privilege escalation [fedora-42]
Bugzilla
CVE-2024-25621 reg: containerd local privilege escalation [fedora-42]
bugzilla·2025-12-04·CVSS 7.8
CVE-2024-25621 [HIGH] CVE-2024-25621 reg: containerd local privilege escalation [fedora-42]
Bugzilla
CVE-2024-25621 golang-github-containerd-fuse-overlayfs-snapshotter: containerd local privilege escalation [fedora-42]
bugzilla·2025-12-04·CVSS 7.8
CVE-2024-25621 [HIGH] CVE-2024-25621 golang-github-containerd-fuse-overlayfs-snapshotter: containerd local privilege escalation [fedora-42]
Bugzilla
CVE-2024-25621 trivy: containerd local privilege escalation [fedora-43]
bugzilla·2025-12-04·CVSS 7.3
CVE-2024-25621 [HIGH] CVE-2024-25621 trivy: containerd local privilege escalation [fedora-43]
Discussion:
FEDORA-2026-868e266938 (trivy-0.69.3-1.fc43) has been submitted as an update to Fedora 43.
https://bodhi.fedoraproject.org/updates/FEDORA-2026-868e266938
---
FEDORA-2026-868e266938 has been pushed to the Fedora 43
Bugzilla
CVE-2024-25621 stargz-snapshotter: containerd local privilege escalation [fedora-42]
bugzilla·2025-12-04·CVSS 7.8
CVE-2024-25621 [HIGH] CVE-2024-25621 stargz-snapshotter: containerd local privilege escalation [fedora-42]
Bugzilla
CVE-2024-25621 source-to-image: containerd local privilege escalation [fedora-42]
bugzilla·2025-12-04·CVSS 7.8
CVE-2024-25621 [HIGH] CVE-2024-25621 source-to-image: containerd local privilege escalation [fedora-42]
Bugzilla
CVE-2024-25621 golang-github-moby-buildkit: containerd local privilege escalation [fedora-42]
bugzilla·2025-12-04·CVSS 7.8
CVE-2024-25621 [HIGH] CVE-2024-25621 golang-github-moby-buildkit: containerd local privilege escalation [fedora-42]
2026-06-05
Published