CVE-2026-4226 - Vulnerability Analysis
HighCVSS: 8.8Last Updated: March 16, 2026
Overview
A weakness has been identified in LB-LINK BL-WR9000 2.4.9. The affected element is the function sub_44E8D0 of the file /goform/get_virtual_cfg. Executing a manipulation can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Severity & Score
References
Social Media Activity(2 posts)
š CVE-2026-4226 - High (8.8) A weakness has been identified in LB-LINK BL-WR9000 2.4.9. The affected element is the function sub_44E8D0 of the file /goform/get_virtual_cfg. Executing a manipulation can lead to stack-based buffer overflow. The attack may be performed from remo... š https://www.thehackerwire.com/vulnerability/CVE-2026-4226/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original post
š CVE-2026-4226 - High (8.8) A weakness has been identified in LB-LINK BL-WR9000 2.4.9. The affected element is the function sub_44E8D0 of the file /goform/get_virtual_cfg. Executing a manipulation can lead to stack-based buffer overflow. The attack may be performed from remo... š https://www.thehackerwire.com/vulnerability/CVE-2026-4226/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-4226
- Severity
- High
- CVSS Score
- 8.8
- Status
- unconfirmed
- EPSS
- 4.1%
- Social Posts
- 2
CWE
- CWE-119
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H