
CVE-2026-7668

Severity: HIGH · CVSS 7.3
Hype: LIKELY HACK · 72

Public exploit available, high CVSS, but social signal is automated feeds only; no KEV or confirmed active exploitation yet.

What: Out-of-bounds read in MikroTik RouterOS 6.49.8 SCEP endpoint (scep.p library) via malformed transactionID/messageType parameters; CVSS 7.3 HIGH.

Why it matters: Exploit is publicly available and vendor (MikroTik) ignored early disclosure attempts. RouterOS SCEP endpoints are Internet-facing on many networks. No KEV listing yet, but public PoC + vendor non-response + high CVSS elevates risk significantly.

Where it's seen: Same-day social chatter on Bluesky and Twitter from vulnerability feeds; posts are largely automated NVD mirrors with no independent researcher analysis or defender triage signals yet.

RISK: HIGH — Public PoC, vendor unresponsive, affects Internet-facing device management service.

Generated by claude-haiku-4-5 from public posts and authoritative metadata. AI can make mistakes — verify against vendor advisories before acting. 5/2/2026, 10:55:39 PM

A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1_STRING_data in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Public PoCs on GitHub (2 repos)

Articles & coverage (15 articles)

  • CVE-2026-7468: A security vulnerability has Authorization bypass

    A CVSS score of 7.3 means this vulnerability is straightforward to exploit, likely to cause significant damage, or both. For startups and

  • Oracle Linux 9 : nghttp2 (ELSA-2026-7668) | Tenable®

    The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-7668 advisory.

  • CVE-2026-27668: RUGGEDCOM SAM-P Privilege Escalation Flaw

    CVE-2026-27668: RUGGEDCOM SAM-P Privilege Escalation Flaw. CVE-2026-27668 is a privilege escalation vulnerability in RUGGEDCOM CROSSBOW Secure Access Manager Primary that allows User Administrators to escalate privileges. A privilege escalation vulnerability has been identified in Siemens RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) affecting all versions prior to V5.8. The vulnerabi

  • AlmaLinux 9 : nghttp2 (ALSA-2026:7668) | Tenable®

    Vulnerability Information ; Exploit Ease: No known exploits are available ; Patch Publication Date: 4/13/2026 ; Vulnerability Publication Date: 3/

  • Rocky Linux RLSA-2026-7647 newlib Security Update for Improved Stability

    {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:7668", "synopsis": "Important: nghttp2 security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for nghttp2.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "descri

NVD details: 2 CWE · 0 vendors · 4 refs

