CVE-2026-40228: Low severity systemd systemd vulnerability

Published Apr 10, 2026

Updated

In systemd 259, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users when a "logger -p emerg" command is executed, if ForwardToWall=yes is set.

Affected Software

2 affected components

systemd systemd=259

Systemd Project Systemd=259

Event History

Apr 10, 2026

CVE Published

via MITRE·03:48 PM

Data Sourced

via MITRE·03:48 PM

DescriptionSeverityWeakness

Data Sourced

via NVD·04:16 PM

DescriptionSeverityWeaknessAffected Software

Frequently Asked Questions

What is the severity of CVE-2026-40228?

CVE-2026-40228 has a medium severity level due to its potential for arbitrary command execution via terminal manipulation.

How do I fix CVE-2026-40228?

To fix CVE-2026-40228, update systemd to a version newer than 259 or disable ForwardToWall option in the configuration.

What systems are affected by CVE-2026-40228?

CVE-2026-40228 affects systemd version 259 in any environment where it is deployed.

What consequences can arise from CVE-2026-40228?

Exploitation of CVE-2026-40228 can lead to unexpected behavior in user terminals, including execution of arbitrary ANSI escape sequences.

Where can I learn more about CVE-2026-40228?

Further information regarding CVE-2026-40228 can typically be found in security advisories from systemd or related cybersecurity bulletins.

CVE-2026-40228: Low severity systemd systemd vulnerability

Affected Software

Event History

Don't miss critical vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2026-40228?

How do I fix CVE-2026-40228?

What systems are affected by CVE-2026-40228?

What consequences can arise from CVE-2026-40228?

Where can I learn more about CVE-2026-40228?

Company

Resources

Contact