Is CVE-2026-45889 exploitable?

No community verdicts yet for CVE-2026-45889. Be the first to weigh in.

Is CVE-2026-45889 a false positive?

No community verdicts yet for CVE-2026-45889.

How do I remediate CVE-2026-45889?

See the authoritative references (NVD, vendor advisory) and community field notes on this page for remediation guidance.

CVE-2026-45889

is CVE-2026-45889real, exploitable, or a false positive? Here's the community verdict.

☆ Watch

signals

public sources

Exploited in wild

Not listed

CISA KEV

Base severity

5.5 Medium

CVSS

Exploitation prob.

0.2%

FIRST EPSS

Weakness

CWE-369

CWE

Moderate signals. Triage by your actual exposure and reachability.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

In the Linux kernel, the following vulnerability has been resolved: mptcp: do not account for OoO in mptcp_rcvbuf_grow() MPTCP-level OoOs are physiological when multiple subflows are active concurrently and will not cause retransmissions nor are caused by drops. Accounting for them in mptcp_rcvbuf_grow() causes the rcvbuf slowly drifting towards tcp_rmem[2]. Remove such accounting. Note that subflows will still account for TCP-level OoO when the MPTCP-level rcvbuf is propagated. This also closes a subtle and very unlikely race condition with rcvspace init; active sockets with user-space holding the msk-level socket lock, could complete such initialization in the receive callback, after that the first OoO data reaches the rcvbuf and potentially triggering a divide by zero Oops.

References

NVD MITRE CVE.org

Published May 27, 2026

Embed this verdict

Markdown

[![TruePositive verdict](https://www.truepositive.app/cve/CVE-2026-45889/badge.svg)](https://www.truepositive.app/cve/CVE-2026-45889)

HTML

<a href="https://www.truepositive.app/cve/CVE-2026-45889"><img src="https://www.truepositive.app/cve/CVE-2026-45889/badge.svg" alt="TruePositive verdict for CVE-2026-45889"></a>

Live badge that updates automatically as the community verdict changes.

Community ground truth

Be the first practitioner to weigh in

So far this is only TruePositive's editorial baseline from public sources. Add your real-world verdict below — it becomes the signal the next person triaging this relies on.

🥇 The first 50 practitioners to contribute earn a Founding Contributor badge.

In your experience, is this finding real and exploitable?

0 verdicts

Not a real issue

No account needed. Anonymous verdicts post as an unverified signal. Log in to make yours verified and earn reputation.

Field notes & remediation

Verdicts are the quick signal. Notes are the evidence and fixes behind them.

No notes yet. Be the first to share what you saw, or a fix that worked.

Add a field note or remediationoptional

Same weakness: CWE-369.

CVE-2026-45841MED 5.5EPSS 0%
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO nf_osf_match_one() computes ctx->window % f->wss.val in the OSF_WSS_MODULO branch with no guard for f->wss.val == 0. A CAP_NET_ADMIN user can add such a fingerprint via nfnetlink; a subsequent matching TCP SYN divides by zero and panics the kernel. Reject the bogus fingerprint in nfnl_osf_add_callback() above the per-option for-loop. f->wss is per-fingerprint, not per-option, so the check must run regardless of f->opt_num (including 0). Also reject wss.wc >= OSF_WSS_MAX; nf_osf_match_one() already treats that as "should not happen". Crash: Oops: divide error: 0000 [#1] SMP KASAN NOPTI RIP: 0010:nf_osf_match_one (net/netfilter/nfnetlink_osf.c:98) Call Trace: <IRQ> nf_osf_match (net/netfilter/nfnetlink_osf.c:220) xt_osf_match_packet (net/netfilter/xt_osf.c:32) ipt_do_table (net/ipv4/netfilter/ip_tables.c:348) nf_hook_slow (net/netfilter/core.c:622) ip_local_deliver (net/ipv4/ip_input.c:265) ip_rcv (include/linux/skbuff.h:1162) __netif_receive_skb_one_core (net/core/dev.c:6181) process_backlog (net/core/dev.c:6642) __napi_poll (net/core/dev.c:7710) net_rx_action (net/core/dev.c:7945) handle_softirqs (kernel/softirq.c:622)

CVE-2026-45889

Community ground truth

Field notes & remediation

Related CVEs