IBM OPENBMC FW1110.001110.11 DoS via unauthenticated network: CVE-2026-7254 May 2026

Open BMC Denial of Service
IBM OPENBMC FW1110.00 through FW1110.11 is vulnerable to denial of service attacks by unauthenticated network users.

Vulnerability Analysis

CVE-2026-7254 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a small impact on availability.

Attack Vector:

NETWORK

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

NONE

Integrity Impact:

NONE

Availability Impact:

LOW

Weakness Type

Improper Validation of Specified Quantity in Input

The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.

Products Associated with CVE-2026-7254

Want to know whenever a new CVE is published for IBM Openbmc? stack.watch will email you.

IBM OPENBMC FW1110.001110.11 DoS via unauthenticated network
CVE-2026-7254 Published on May 27, 2026

Vulnerability Analysis

Weakness Type

Improper Validation of Specified Quantity in Input

Products Associated with CVE-2026-7254

Affected Versions

IBM OPENBMC FW1110.001110.11 DoS via unauthenticated networkCVE-2026-7254 Published on May 27, 2026

Vulnerability Analysis

Weakness Type

Improper Validation of Specified Quantity in Input

Products Associated with CVE-2026-7254

Affected Versions

IBM OPENBMC FW1110.001110.11 DoS via unauthenticated network
CVE-2026-7254 Published on May 27, 2026