CVE-2024-1086

Exploited in the Wild ✓ Confirmed 0-Day

Triaged: March 20, 2026 4 articles

VulnLookup ↗ NVD ↗ MITRE ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-24

84.89%

probability

This CVE has a 84.89% probability of being exploited in the next 30 days.

0% Top 99.4th percentile of all CVEs 100%

CVSS score unavailable

Neither CIRCL nor NVD returned a CVSS score for this CVE. View on VulnerabilityLookup ↗

Attack Intelligence

CWE-118 · Incorrect Access of Indexable Resource ('Range Error') CWE-119 · Buffer Overflow CWE-416 · Use After Free CWE-664 · Improper Control of a Resource Through its Lifetime CWE-666 · Operation on Resource in Wrong Phase of Lifetime CWE-672 · Operation on a Resource after Expiration or Release CWE-825 · Expired Pointer Dereference

Exploits & PoC

LLfam/CVE-2024-1086

PoC CVE-2024-1086 — LLfam/CVE-2024-1086

kevcooper/CVE-2024-1086-checker

PoC CVE-2024-1086 — kevcooper/CVE-2024-1086-checker

2 repos — triés par ⭐ Rechercher sur GitHub ↗

Defense Lessons From the Black Basta Ransomware Playbook

Qualys Feb 25, 2025

CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw

TheHackerNews

Fragnesia (CVE-2026-46300): Frequently asked questions about new Linux Kernel XFRM ESP-in-TCP privilege escalation

Tenable-Research May 14, 2026

New Linux Bug Could Lead to User Password Leaks and Clipboard Hijacking

TheHackerNews

Signal Intelligence

Confidenceⓘ

85%

EPSS 84.89%

Mentions 4

Last Seen May 14, 2026

CNA Information

Analyst Note

CVE-2024-1086 is a Linux kernel flaw with CVSS 7.8 that CISA explicitly added to the Known Exploited Vulnerabilities catalog citing active exploitation. The 2024 CVE year combined with CISA's KEV listing and documented active exploitation in the wild provides strong evidence of zero-day status, though the exact timeline relative to patch availability is not fully detailed in the provided excerpts.