CVE-2025-10262
6.3 MEDIUMNokia SR Linux is vulnerable to local privilege escalation vulnerability due to unsanitized format validation
Published: 2026-06-16 · Last updated: 2026-06-16
Severity and scoring
- CVSS
- 6.3 MEDIUM
- Vector
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H
- CWE
- CWE-134
Description
Nokia SR Linux is vulnerable to local privilege escalation vulnerability due to unsanitized format validation. Successful exploitation of this vulnerability may allow an authenticated user to execute arbitrary commands with superuser privileges.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-10828 — A format string vulnerability has been found in the "alias" parameter of the Serial Param configuration page in the NPort W2150A-W4/W2250...
- CVE-2026-12174 — A security vulnerability has been detected in D-Link DCS-935L 1.10.01 (8.8 HIGH)
- CVE-2026-6250 — An authenticated format string vulnerability exists in the ONVIF service of Tapo C110 v2 due to improper handling of user-controlled input (8.1 HIGH)
- CVE-2026-6242 — An authenticated format string vulnerability exists in the ONVIF Subscribe service in Tapo C520WS v2 due to improper handling of external...
- CVE-2026-6241 — An authenticated format string vulnerability is present in the ONVIF AddScopes in Tapo C520WS v2, where user-controlled input is improper...