Lucene search
K

5 matches found

EUVD
EUVD
added 2025/11/11 12:41 a.m.1 views

EUVD-2025-55293

Malicious code in compatible-maroon-toucan npm...

6.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/08/20 5:33 p.m.7 views

CVE-2025-55293

Meshtastic is an open source mesh networking solution. Prior to v2.6.3, an attacker can send NodeInfo with a empty publicKey first, then overwrite it with a new key. First sending a empty key bypasses 'if p.publickey.size 0 ', clearing the existing publicKey and resetting the size to 0 for a know...

9.4CVSS5.9AI score0.00398EPSS
Exploits0References1
NVD
NVD
added 2025/08/18 6:15 p.m.5 views

CVE-2025-55293

Meshtastic is an open source mesh networking solution. Prior to v2.6.3, an attacker can send NodeInfo with a empty publicKey first, then overwrite it with a new key. First sending a empty key bypasses 'if p.publickey.size 0 ', clearing the existing publicKey and resetting the size to 0 for a know...

9.8CVSS0.00398EPSS
Exploits0References3
Circl
Circl
added 2025/08/18 5:45 p.m.12 views

CVE-2025-55293

creationtimestamp| type| source ---|---|--- 2025-08-18 17:45:11+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115051011155934268 2025-08-18 20:18:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lwp7sl6utp2c 2025-08-19 06:01:30+00:00| seen|...

9.8CVSS6.6AI score0.00398EPSS
Exploits0References3
OSV
OSV
added 2025/08/18 5:24 p.m.6 views

CVE-2025-55293 Meshtastic allows crafting of specific NodeInfo packets that overwrite any publicKey saved in the NodeDB

Meshtastic is an open source mesh networking solution. Prior to v2.6.3, an attacker can send NodeInfo with a empty publicKey first, then overwrite it with a new key. First sending a empty key bypasses 'if p.publickey.size 0 ', clearing the existing publicKey and resetting the size to 0 for a know...

9.4CVSS6.6AI score0.00398EPSS
Exploits0References5
Rows per page
Query Builder