Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

301 matches found

UbuntuCve
UbuntuCveadded 2026/01/21 8:16 p.m.1 views

CVE-2025-69209

ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large...

6.9CVSS6.8AI score0.00059EPSS
Exploits0References6
OSV
OSVadded 2026/01/21 8:16 p.m.1 views

UBUNTU-CVE-2025-69209

ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large...

6.9CVSS6.7AI score0.00059EPSS
Exploits0References7
Vulnrichment
Vulnrichmentadded 2026/01/21 8:0 p.m.1 views

CVE-2025-69209 ArduinoCore-avr has Stack-Based Buffer Overflow in WString Float/Double Constructors

ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large...

6.9CVSS6.8AI score0.00059EPSS
Exploits0References5
Debian CVE
Debian CVEadded 2026/01/21 8:0 p.m.3 views

CVE-2025-69209

ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large...

6.9CVSS6.8AI score0.00059EPSS
Exploits0
CVE
CVEadded 2026/01/21 8:0 p.m.3 views

CVE-2025-69209

The CVE-2025-69209 entry concerns ArduinoCore-avr. A stack-based buffer overflow occurs in earlier releases (versions before 1.8.7) when converting floating-point values to strings with very high precision via dtostrf, writing beyond fixed-size stack buffers, causing memory corruption and potenti...

6.9CVSS6.8AI score0.00059EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/01/21 8:0 p.m.13 views

CVE-2025-69209 ArduinoCore-avr has Stack-Based Buffer Overflow in WString Float/Double Constructors

ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large...

6.9CVSS0.00059EPSS
Exploits0References5
OSV
OSVadded 2026/01/21 8:0 p.m.2 views

CVE-2025-69209 ArduinoCore-avr has Stack-Based Buffer Overflow in WString Float/Double Constructors

ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large...

6.9CVSS6.9AI score0.00059EPSS
Exploits0References7
EUVD
EUVDadded 2026/01/21 8:0 p.m.1 views

EUVD-2025-206313

ArduinoCore-avr contains the source code and configuration files of the Arduino AVR Boards platform. A vulnerability in versions prior to 1.8.7 allows an attacker to trigger a stack-based buffer overflow when converting floating-point values to strings with high precision. By passing very large...

6.9CVSS6.8AI score0.00059EPSS
Exploits0References5
CNNVD
CNNVDadded 2026/01/21 12:0 a.m.0 views

Arduino and AVR Board Security Vulnerabilities

Arduino AVR Boards is an open-source software kernel of Arduino. Versions of Arduino AVR Boards prior to 1.8.7 contained security vulnerabilities. These vulnerabilities stemmed from stack buffer overflows during the conversion of high-precision floating-point numbers into strings, which could lea...

6.9CVSS6.2AI score0.00059EPSS
Exploits0References6
RedhatCVE
RedhatCVEadded 2026/01/09 9:30 a.m.2 views

CVE-2023-43803

Arduino Create Agent is a package to help manage Arduino development. This vulnerability affects the endpoint /v2/pkgs/tools/installed and the way it handles plugin names supplied as user input. A user who has the ability to perform HTTP requests to the localhost interface, or is able to bypass t...

7.1CVSS6.9AI score0.00017EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 9:28 a.m.4 views

CVE-2023-49296

The Arduino Create Agent allows users to use the Arduino Create applications to upload code to any USB connected Arduino board directly from the browser. A vulnerability in versions prior to 1.3.6 affects the endpoint /certificate.crt and the way the web interface of the ArduinoCreateAgent handle...

6.3CVSS6.8AI score0.00446EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 9:1 a.m.4 views

CVE-2023-43800

Arduino Create Agent is a package to help manage Arduino development. The vulnerability affects the endpoint /v2/pkgs/tools/installed. A user who has the ability to perform HTTP requests to the localhost interface, or is able to bypass the CORS configuration, can escalate his privileges to those ...

7.8CVSS6.9AI score0.00031EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/12/19 4:23 p.m.2 views

CVE-2025-64724

Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS is installed with world-writable file permissions on sensitive application components, allowing any local user to replace legitimate files with malicious code. When another user launches the...

4.8CVSS6.9AI score0.0001EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/12/19 3:16 p.m.2 views

CVE-2025-64723

Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS was configured with overly permissive security entitlements that could bypass macOS Hardened Runtime protections. This configuration allows attackers to inject malicious dynamic libraries into the...

4.8CVSS6.7AI score0.00013EPSS
Exploits0References1
NVD
NVDadded 2025/12/18 4:15 p.m.4 views

CVE-2025-64723

Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS was configured with overly permissive security entitlements that could bypass macOS Hardened Runtime protections. This configuration allows attackers to inject malicious dynamic libraries into the...

4.8CVSS0.00013EPSS
Exploits0References5
CVE
CVEadded 2025/12/18 3:18 p.m.8 views

CVE-2025-64724

Summary: CVE-2025-64724 affects Arduino IDE for macOS before version 2.3.7. The vulnerable component(s) are the application files installed with world-writable permissions, enabling any local user to replace legitimate files with malicious code. When a different local user launches the IDE, the i...

7.3CVSS6.5AI score0.0001EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2025/12/18 3:18 p.m.23 views

CVE-2025-64724 Arduino IDE for macOS has Insecure File Permissions

Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS is installed with world-writable file permissions on sensitive application components, allowing any local user to replace legitimate files with malicious code. When another user launches the...

4.8CVSS0.0001EPSS
Exploits0References4
EUVD
EUVDadded 2025/12/18 3:18 p.m.1 views

EUVD-2025-204308

Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS is installed with world-writable file permissions on sensitive application components, allowing any local user to replace legitimate files with malicious code. When another user launches the...

4.8CVSS6.4AI score0.0001EPSS
Exploits0References4
OSV
OSVadded 2025/12/18 3:18 p.m.1 views

CVE-2025-64724 Arduino IDE for macOS has Insecure File Permissions

Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS is installed with world-writable file permissions on sensitive application components, allowing any local user to replace legitimate files with malicious code. When another user launches the...

4.8CVSS6.8AI score0.0001EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2025/12/18 3:18 p.m.2 views

CVE-2025-64724 Arduino IDE for macOS has Insecure File Permissions

Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS is installed with world-writable file permissions on sensitive application components, allowing any local user to replace legitimate files with malicious code. When another user launches the...

4.8CVSS6.5AI score0.0001EPSS
Exploits0References4
Rows per page
Query Builder