Sign in Get started

← All advisories

Medium severity6.6NVD Advisory· Published Apr 28, 2026· Updated Apr 30, 2026

CVE-2026-42510

CVE-2026-42510

Description

OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
ironicPyPI	<= 25.0.0	—

Affected products

1

OpenStack/Ironicinferred
Range: <35.0.1

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

github.com/advisories/GHSA-wqpv-c3pp-3m58ghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2026-42510ghsaADVISORY
www.openwall.com/lists/oss-security/2026/04/30/1nvdWEB
bugs.launchpad.net/ironic/+bug/2148331nvdWEB

News mentions

1

Cleartext Passwords in MS Edge? In 2026?, (Mon, May 4th)
SANS Internet Storm Center · May 5, 2026