CVE-2026-2261
HIGHCVSS v3
7.5
HIGH
EPSS Score
0.0%
exploit probability
CISA KEV
No
known exploited
Exploitation
—
SSVC status
Description
Due to a programming error, blocklistd leaks a socket descriptor for each adverse event report it receives. Once a certain number of leaked sockets is reached, blocklistd becomes unable to run the helper script: a child process is forked, but this child dereferences a null pointer and crashes before it is able to exec the helper. At this point, blocklistd still records adverse events but is unable to block new addresses or unblock addresses whose database entries have expired. Once a second,
Technical Details
- CVSS v3 Vector
- 3.1
- Published
- 3/9/2026
- Last Modified
- 3/17/2026
Frequently Asked Questions
What is CVE-2026-2261?
Due to a programming error, blocklistd leaks a socket descriptor for each adverse event report it receives. Once a certain number of leaked sockets is reached, blocklistd becomes unable to run the helper script: a child process is forked, but this child dereferences a null pointer and crashes before it is able to exec the helper. At this point, blocklistd still records adverse events but is unable to block new addresses or unblock addresses whose database entries have expired. Once a second,
Is CVE-2026-2261 actively exploited?
Active exploitation of CVE-2026-2261 has not been confirmed. The EPSS score is 0.0%, indicating the estimated probability of exploitation in the next 30 days.
What is the CVSS score for CVE-2026-2261?
CVE-2026-2261 has a CVSS v3 base score of 7.5 (HIGH severity), with vector string 3.1.
Is CVE-2026-2261 affecting your environment?
Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.