You are viewing this page in an unauthorized frame window.

This is a potential security issue, you are being redirected to

https://nvd.nist.gov

https://nvd.nist.gov

U.S. flag

Dot gov

Official websites use .gov

A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS

A lock () or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Dot gov

Information Technology Laboratory

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database

Vulnerabilities

Vulnerabilities

CVE-2026-57589

Detail

This CVE record has been marked for NVD enrichment efforts.

Description

sys/kern/sysv_sem.c in OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root. This is a context switch use-after-free after tsleep in sys_semget().

Metrics

NIST CVSS score

[N/A]()

NIST CVSS score

[N/A]()

Nist CVSS score does not match with CNA score

7.4 HIGH

National Institute of Standards and Technology

[N/A]()

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace.

We have provided these links to other web sites because they

may have information that would be of interest to you. No

inferences should be drawn on account of other sites being

referenced, or not, from this page. There may be other web

sites that are more appropriate for your purpose. NIST does

not necessarily endorse the views expressed, or concur with

the facts presented on these sites. Further, NIST does not

endorse any commercial products that may be mentioned on

these sites. Please address comments about this page to [email protected].

[[email protected]](/cdn-cgi/l/email-protection#6b051d0f2b0502181f450c041d)

https://github.com/openbsd/src/commit/1957873d2063db11dab780eca75b5e629d1e838d

https://openai.com/index/patch-the-planet/

Weakness Enumeration

CWE-416

Change History

show changes

CVE Modified by CISA-ADP

6/26/2026 1:16:31 AM

CVE Modified by CISA-ADP

6/25/2026 9:16:49 AM

New CVE Received from MITRE

6/24/2026 9:16:26 PM

Quick Info

CVE-2026-57589