CVE-2026-22885

🗓️ 20 Feb 2026 15:35:02Reported by icscertType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 5 Views

Out-of-bounds read in EnOcean SmartServer up to 4.60.009, allows memory leak via network messages.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2026-22885	20 Feb 202615:35	–	attackerkb
Circl	CVE-2026-22885	19 Feb 202611:00	–	circl
CNNVD	EnOcean SmartServer IoT 缓冲区错误漏洞	20 Feb 202600:00	–	cnnvd
Cvelist	CVE-2026-22885 EnOcean SmartServer IoT Out-of-bounds Read	20 Feb 202615:35	–	cvelist
NVD	CVE-2026-22885	20 Feb 202616:22	–	nvd
Positive Technologies	PT-2026-21022	20 Feb 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-22885	21 Feb 202619:29	–	redhatcve
The Hacker News	⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More	4 May 202614:23	–	thn
Vulnrichment	CVE-2026-22885 EnOcean SmartServer IoT Out-of-bounds Read	20 Feb 202615:35	–	vulnrichment

Vulners

Node

enocean_edge_inc smartserver_iotRange≤4.60.009

[
  {
    "defaultStatus": "unaffected",
    "product": "SmartServer IoT",
    "vendor": "EnOcean Edge Inc",
    "versions": [
      {
        "lessThanOrEqual": "4.60.009",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "4.60.023"
      }
    ]
  }
]

Source	Link
github	www.github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-050-01.json
enoceanwiki	www.enoceanwiki.atlassian.net/wiki/spaces/DrftSSIoT/pages/1475410/SmartServer+IoT+Release+Notes
cisa	www.cisa.gov/news-events/ics-advisories/icsa-26-050-01
enoceanwiki	www.enoceanwiki.atlassian.net/wiki/spaces/IEC/pages/288063529/Enhancing+Security

15 Apr 2026 00:35Current

5.6Medium risk

Vulners AI Score5.6

CVSS 3.13.7

EPSS0.00055

SSVC

CWE-125