OpenBSD
Security Risk Profile
35
/100
lowSecurity Risk Score
Comprehensive risk assessment based on 359 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from August 24, 1997 to present
359
Total CVEs
164
Critical+High
6
Exploited
40
Unpatched
Threat Assessment
Avg CVSS
6.4
Base severity
Avg EPSS
9%
Exploit probability
Unpatched
40
Critical/High
Risk Level
35/100
low
⚠️ 6 Active Exploits🆕 4Fresh (<7d)📈 5 in Last 30 Days
Severity Distribution
Critical
44High
120Medium
155Low
30Exploit Likelihood
>50% chance
120-50%
15-20%
1<5%
9Age Distribution
Common Weaknesses (CWE)
1
Buffer Overflow
44
2
Input Validation
24
3
Integer Overflow
17
4
Race Condition
14
5
Infoleak
10
Most Affected Products
1. Cisco IOS1508
2. OpenBSD OpenSSH1478
3. OpenBSD OpenBSD754
4. FreeBSD FreeBSD684
5. Linux Linux kernel436
Recent Vulnerabilities
See more →https://reddit.com/r/cybersecurity/comments/1tbvxti/claude_mythos_technical_breakdown_cve20264747_rop/
unknown
Claude Mythos technical breakdown: CVE-2026-4747 ROP chain, OpenBSD SACK integer overflow, Linux 1-bit OOB-to-root, and what AISLE's reproductions actually showed
5/13/2026🔧 No Patch
CVE-2026-7164
CVSS 7.5EPSS 0%high
pf can overflow the stack parsing crafted SCTP packets
4/30/2026🔧 No Patch
CVE-2026-41285
CVSS 4.3medium
4/20/2026
CVE-2026-35414
CVSS 8.1high
4/2/2026
CVE-2026-35388
CVSS 2.5low
4/2/2026
CVE-2026-35387
CVSS 6.5medium
4/2/2026🔧 No Patch
CVE-2026-35386
CVSS 8.1high
4/2/2026
CVE-2026-35385
CVSS 8.1high
4/2/2026
CVE-2026-4748
CVSS 7.5EPSS 0%high
pf silently ignores certain rules
4/1/2026🔧 No Patch
https://seclists.org/oss-sec/2026/q1/312
unknown
Some telnet clients leak environment variables
3/14/2026🔧 No Patch
Monitor OpenBSD in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.