Known Vulnerabilities for Dhcpcd by Dhcpcd Project
Listed below are 10 of the newest known vulnerabilities associated with "Dhcpcd" by "Dhcpcd Project".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-56117 json | dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-after-free vulnerability in the control socket handling w... | Not Provided | 2026-06-23 | 2026-06-24 |
| CVE-2026-56116 json | dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route i... | Not Provided | 2026-06-23 | 2026-07-01 |
| CVE-2026-56114 json | dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6_makemess... | Not Provided | 2026-06-23 | 2026-06-24 |
| CVE-2026-56113 json | dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same... | Not Provided | 2026-06-23 | 2026-06-23 |
| CVE-2026-14258 json | A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Adverti... | Not Provided | 2026-07-01 | 2026-07-01 |
| CVE-2025-70102 json | A NULL pointer dereference occurs in Roy Marples NetworkConfiguration/dhcpcd 10.3.0 while parsing configuration options. In p... | Not Provided | 2026-06-15 | 2026-06-16 |
| CVE-2025-40164 json | In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix using smp_processor_id() in preemptible code... | Not Provided | 2025-11-12 | 2026-06-19 |
| CVE-2019-11766 json | dhcp6.c in dhcpcd before 6.11.7 and 7.x before 7.2.2 has a buffer over-read in the D6_OPTION_PD_EXCLUDE feature. | 9.8 - CRITICAL | 2019-05-05 | 2023-02-27 |
| CVE-2019-11579 json | dhcp.c in dhcpcd before 7.2.1 contains a 1-byte read overflow with DHO_OPTSOVERLOADED. | 5.3 - MEDIUM | 2019-04-28 | 2022-04-22 |
| CVE-2019-11578 json | auth.c in dhcpcd before 7.2.1 allowed attackers to infer secrets by performing latency attacks. | 5.9 - MEDIUM | 2019-04-28 | 2021-07-21 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Dhcpcd Project | Dhcpcd | 7.2.2 | |||
| Application | Dhcpcd Project | Dhcpcd | 7.2.1 | |||
| Application | Dhcpcd Project | Dhcpcd | 7.2.0 | |||
| Application | Dhcpcd Project | Dhcpcd | 7.1.1 | |||
| Application | Dhcpcd Project | Dhcpcd | 7.1.0 | |||
| Application | Dhcpcd Project | Dhcpcd | 7.0.8 | |||
| Application | Dhcpcd Project | Dhcpcd | 7.0.7 | |||
| Application | Dhcpcd Project | Dhcpcd | 7.0.6 | |||
| Application | Dhcpcd Project | Dhcpcd | 7.0.5 | |||
| Application | Dhcpcd Project | Dhcpcd | 7.0.4 | |||
| Application | Dhcpcd Project | Dhcpcd | 7.0.3 | |||
| Application | Dhcpcd Project | Dhcpcd | 7.0.2 | |||
| Application | Dhcpcd Project | Dhcpcd | 7.0.1 | |||
| Application | Dhcpcd Project | Dhcpcd | 7.0.0 | |||
| Application | Dhcpcd Project | Dhcpcd | 7.0.0 | |||
| Application | Dhcpcd Project | Dhcpcd | 7.0.0 | |||
| Application | Dhcpcd Project | Dhcpcd | 7.0.0 | |||
| Application | Dhcpcd Project | Dhcpcd | 7.0.0 | |||
| Application | Dhcpcd Project | Dhcpcd | 7.0.0 | |||
| Application | Dhcpcd Project | Dhcpcd | 7.0.0 |