kea (SUSE:Linux Enterprise Server 16.0) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 16.0 package kea, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2025-11232 — CVSS 7.5 (high): To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting…
CVE-2026-3608 — CVSS 7.5 (high): Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket…