CVE-2026-40227
Published 2026-04-10
CVE-2026-40227: In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element.
Priority: P4 · 22 · medium · 5.5 (CVSS 3.1)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS: 0.20% (10.2th percentile)
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| systemd | systemd | >= 260 < 261 | 261 |
| systemd_project | systemd | — | — |
CVSS provenance
nvd · v3.1 · 5.5 · MEDIUM · CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
vendor_redhat · 6.2 · MEDIUM
Red Hat
systemd: systemd: Denial of Service via malicious IPC API call with null element
vendor_redhat·2026-04-10·CVSS 6.2
CVE-2026-40227 [MEDIUM] CWE-476 systemd: systemd: Denial of Service via malicious IPC API call with null element
A flaw was found in systemd. A local unprivileged user can exploit this vulnerability by making an Inter-Process Communication (IPC) API call with a specially crafted array or map containing a null element. This can trigger an assert, leading to a Denial of Service (DoS) condition, which makes the system unavailable.
Statement: A flaw in systemd allows a local unprivileged user to cause a Denial of Service by making a crafted Inter-Process Communication (IPC) API call. The issue is restricted to systemd v260 only; the systemd versions shipped with Red Hat products are not affected by this vulnerability, as they do not ship the commit which introduced the vulnerability.
Package: NetworkManager (Red Hat E
GHSA
GHSA-x53v-pxf5-chx6: In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element
ghsa_unreviewed·2026-04-10
CVE-2026-40227 [MEDIUM] CWE-1025 GHSA-x53v-pxf5-chx6: In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element
No detection rules found.
No public exploits indexed.
Published: 2026-04-10