CVE-2026-41285

Q: What is the severity of CVE-2026-41285?

CVE-2026-41285 is considered a critical vulnerability due to its potential to cause an infinite loop in key networking daemons.

Q: How does CVE-2026-41285 affect OpenBSD systems?

CVE-2026-41285 affects OpenBSD systems running versions up to 7.8, specifically targeting the slaacd and rad daemons.

Q: How do I fix CVE-2026-41285?

To mitigate CVE-2026-41285, update your OpenBSD system to the latest version that addresses this vulnerability.

Q: What are the potential impacts of CVE-2026-41285?

The impact of CVE-2026-41285 includes service disruption due to the affected daemons entering an infinite loop.

Q: Is CVE-2026-41285 exploitation easily detectable?

Exploitation of CVE-2026-41285 may lead to increased network traffic patterns or service unavailability, which can be monitored.

Published Apr 20, 2026

Updated

In OpenBSD through 7.8, the slaacd and rad daemons have an infinite loop when they receive a crafted ICMPv6 Neighbor Discovery (ND) option (over a local network) with length zero, because of an "nd_opt_len * 8 - 2" expression with no preceding check for whether nd_opt_len is zero.

Affected Software

3 affected components

OpenBSD slaacd<=7.8

OpenBSD rad<=7.8

OpenBSD OpenBSD<=7.8

Remediation

Patch Available

https://github.com/openbsd/src/commit/086c5738bcd3c203bcc08d024fcf983cb409115f

Event History

Apr 20, 2026

CVE Published

via MITRE·12:00 AM

Data Sourced

via MITRE·12:00 AM

DescriptionSeverityWeakness

Apr 21, 2026

Data Sourced

via NVD·12:16 AM

RemedyDescriptionSeverityWeaknessAffected Software

Frequently Asked Questions

What is the severity of CVE-2026-41285?

CVE-2026-41285 is considered a critical vulnerability due to its potential to cause an infinite loop in key networking daemons.

How does CVE-2026-41285 affect OpenBSD systems?

CVE-2026-41285 affects OpenBSD systems running versions up to 7.8, specifically targeting the slaacd and rad daemons.

How do I fix CVE-2026-41285?

To mitigate CVE-2026-41285, update your OpenBSD system to the latest version that addresses this vulnerability.

What are the potential impacts of CVE-2026-41285?

The impact of CVE-2026-41285 includes service disruption due to the affected daemons entering an infinite loop.

Is CVE-2026-41285 exploitation easily detectable?

Exploitation of CVE-2026-41285 may lead to increased network traffic patterns or service unavailability, which can be monitored.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

CVE-2026-41285

Affected Software

Remediation

Patch Available

Event History

Don't miss critical vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2026-41285?

How does CVE-2026-41285 affect OpenBSD systems?

How do I fix CVE-2026-41285?

What are the potential impacts of CVE-2026-41285?

Is CVE-2026-41285 exploitation easily detectable?

Company

Resources

Contact