Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
2616 articles · 172927 vulns · 36/41 feeds (7d)
← Back to list
7.5
CVE-2026-50031EXPLOITEDPATCHED
freeipmi · freeipmi

CVE-2026-50031: ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Manag

Description

ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system management. It is most commonly used for sensor reading (e.g., CPU temperatures through the ipmi-sensors command within FreeIPMI) and remote power control (the ipmipower command). The ipmi-oem client command implements a set of a IPMI OEM commands for specific hardware vendors. If a user has supported hardware, they may wish to use the ipmi-oem command to send a request to a server to retrieve specific information. Two subcommands "ipmi-oem dell get-active-directory-config" and "ipmi-oem fujitsu get-sel-entry-long-text" were found to have exploitable buffer overflows on response messages.

Affected Products

VendorProductVersions
freeipmifreeipmi0.7.12

Also Affects

Downstream vendors/products affected by this vulnerability

VendorProductSourceConfidence
oracleoracle linuxcert_advisory90%
red hatenterprise linuxcert_advisory90%
resfresf rocky linuxcert_advisory90%

References

  • https://savannah.gnu.org/bugs/index.php?68363
  • https://savannah.gnu.org/bugs/index.php?68364
  • https://lists.gnu.org/archive/html/info-gnu/2026-06/msg00000.html

Related News (5 articles)

Tier B
BSI Advisories2h ago
[NEU] [mittel] Red Hat Enterprise Linux (freeipmi): Schwachstelle ermöglicht Denial of Service
→ No new info (linked only)
Tier B
CERT-FR28d ago
Multiples vulnérabilités dans les produits Microsoft (10 juin 2026)
→ No new info (linked only)
Tier A
Microsoft MSRC29d ago
CVE-2026-50031 ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system management. It is most commonly used for sensor reading (e.g., CPU temperatures through the ipmi-sensors command within FreeIPMI) and remote power control (the ipmipower command). The ipmi-oem client command implements a set of a IPMI OEM commands for specific hardware vendors. If a user has supported hardware, they may wish to use the ipmi-oem command to send a request to a server to retrieve specific information. Two subcommands "ipmi-oem dell get-active-directory-config" and "ipmi-oem fujitsu get-sel-entry-long-text" were found to have exploitable buffer overflows on response messages.
→ No new info (linked only)
Tier C
oss-security35d ago
Re: Fwd: FreeIPMI 1.6.18 Released with security fixes
→ No new info (linked only)
Tier C
VulDB35d ago
CVE-2026-50031 | FreeIPMI up to 1.6.17 Intelligent Platform Management Interface stack-based overflow
→ No new info (linked only)
CVSS 3.17.5 HIGH
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA KEV❌ No
Actively exploited✅ Yes
Patch available
1.6.18
CWECWE-121
PublishedJun 3, 2026
Last enriched35d agov3
Trending Score79
Source articles5
Independent5
Info Completeness10/14
Missing: epss, kev, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
Jun 3, 2026
Discovered by ZDM
Jun 3, 2026
Updated: severity, activelyExploited, affectedVersions
Jun 3, 2026
Updated: exploitAvailable
Jun 3, 2026
Actively Exploited
Jun 3, 2026
Exploit Available
Jun 3, 2026
Patch Available
Jun 3, 2026

Version History

v3
Last enriched 35d ago
v3Tier C35d ago

Updated exploit availability to true and confirmed patch version 1.6.18.

exploitAvailable
via oss-security
v2Tier C35d ago

Updated severity to CRITICAL, marked as actively exploited, and added affected version 1.6.17.

severityactivelyExploitedaffectedVersions
via VulDB
v135d ago

Initial creation