CVE-2026-7473 is a confirmed-exploited flaw in Arista EOS that allows attackers to bypass network segmentation by sending tunneled packets that the switch processes without verifying the encapsulating protocol type. CISA and VulnCheck KEV listings confirm active in-the-wild exploitation. Any EOS deployment with VXLAN, decap-group, or GRE tunnel interface configurations is affected; platforms without these configurations are not.