PT-2026-28761 · Frrouting+2 · Frrouting Frr+2

Rensiru

Published

2026-03-30

Updated

2026-06-03

CVE-2026-5107

CVSS v3.1

4.2

Medium

Vector

AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L

Name of the Vulnerable Software and Affected Versions FRRouting FRR versions up to 10.5.1

Description A security issue exists in FRRouting FRR related to improper access controls within the EVPN Type-2 Route Handler component. The issue is located in the process type2 route function of the bgpd/bgp evpn.c file. The attack can be initiated remotely and is considered difficult to exploit.

Recommendations Deploy a patch to address this issue.

Fix

Incorrect Privilege Assignment

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-266CWE-284

Related Identifiers

CVE-2026-5107

OPENSUSE-SU-2026:10606-1

SUSE-SU-2026:22026-1

USN-8175-1

Affected Products

Frrouting Frr

Linuxmint

Ubuntu

PT-2026-28761 · Frrouting+2 · Frrouting Frr+2

CVE-2026-5107

Weakness Enumeration

Related Identifiers

Affected Products

References · 27