Lucene search
K

59 matches found

RedhatCVE
RedhatCVE
added 2026/06/11 2:59 a.m.9 views

CVE-2026-46532

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.3, and 6.0, an out-of-bounds read exists in the BlueDroid AVRCP vendor-command parser avrcparsvendorcmd in components/bt/host/bluedroid/stack/avrc/avrcparstg.c. This issue has been patched ...

4.6CVSS5.4AI score0.00228EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 2:16 a.m.11 views

CVE-2026-46532

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.3, and 6.0, an out-of-bounds read exists in the BlueDroid AVRCP vendor-command parser avrcparsvendorcmd in components/bt/host/bluedroid/stack/avrc/avrcparstg.c. This issue has been patched ...

4.6CVSS0.00228EPSS
Exploits0References7
NVD
NVD
added 2026/06/10 2:16 a.m.10 views

CVE-2026-45328

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, the esptee component exposes secure-service wrappers in espsecureservices.c and espsecureservicesiram.c that bridge calls from the user application i.e. the REE to TEE-protected hardware peripherals...

9.3CVSS0.00126EPSS
Exploits0References7
NVD
NVD
added 2026/06/10 2:16 a.m.14 views

CVE-2026-45541

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a NULL-pointer dereference exists in the WebSocket subprotocol-negotiation path of the esphttpserver component. While parsing the client-supplied Sec-WebSocket-Protocol request...

7.5CVSS0.00439EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/10 12:35 a.m.35 views

CVE-2026-46532 ESF-IDF: Heap Out-of-Bounds Read in Bluedroid AVRCP Target Parser

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.3, and 6.0, an out-of-bounds read exists in the BlueDroid AVRCP vendor-command parser avrcparsvendorcmd in components/bt/host/bluedroid/stack/avrc/avrcparstg.c. This issue has been patched ...

4.6CVSS0.00228EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/10 12:35 a.m.9 views

EUVD-2026-35919

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.3, and 6.0, an out-of-bounds read exists in the BlueDroid AVRCP vendor-command parser avrcparsvendorcmd in components/bt/host/bluedroid/stack/avrc/avrcparstg.c. This issue has been patched ...

4.6CVSS5.4AI score0.00228EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/10 12:34 a.m.10 views

EUVD-2026-35918

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a heap buffer overflow exists in the Security Scheme 2 SRP6a session-setup path of the protocomm component. The first-phase handler handlesessioncommand0 in...

7.1CVSS5.8AI score0.00325EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/10 12:34 a.m.50 views

CVE-2026-45542 ESF-IDF: Heap buffer overflow in protocomm Security2 over Bluetooth

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a heap buffer overflow exists in the Security Scheme 2 SRP6a session-setup path of the protocomm component. The first-phase handler handlesessioncommand0 in...

7.1CVSS0.00325EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/10 12:33 a.m.36 views

CVE-2026-45328 ESF-IDF: Out-of-Bounds Write in ESP-TEE Secure Service Wrappers

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, the esptee component exposes secure-service wrappers in espsecureservices.c and espsecureservicesiram.c that bridge calls from the user application i.e. the REE to TEE-protected hardware peripherals...

9.3CVSS0.00126EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/10 12:26 a.m.9 views

EUVD-2026-35915

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.7, 5.3.5, 5.4.4, 5.5.4, and 6.0.1, an out-of-bounds read flaw exists in the DHCP server option parser parseoptions in components/lwip/apps/dhcpserver/dhcpserver.c shipped with ESP-IDF's lwIP component. The pars...

6.5CVSS5.5AI score0.00246EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/06/10 12:26 a.m.6 views

CVE-2026-45160 ESF-IDF: Out-of-bounds Read in lwIP DHCP Server Option Parser

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.7, 5.3.5, 5.4.4, 5.5.4, and 6.0.1, an out-of-bounds read flaw exists in the DHCP server option parser parseoptions in components/lwip/apps/dhcpserver/dhcpserver.c shipped with ESP-IDF's lwIP component. The pars...

6.5CVSS5.6AI score0.00246EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/10 12:25 a.m.37 views

CVE-2026-45541 ESF-IDF: Remote Null Pointer Dereference in WebSocket Server

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a NULL-pointer dereference exists in the WebSocket subprotocol-negotiation path of the esphttpserver component. While parsing the client-supplied Sec-WebSocket-Protocol request...

7.5CVSS0.00439EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/10 12:25 a.m.9 views

EUVD-2026-35914

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a NULL-pointer dereference exists in the WebSocket subprotocol-negotiation path of the esphttpserver component. While parsing the client-supplied Sec-WebSocket-Protocol request...

7.5CVSS5.4AI score0.00439EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/06/10 12:25 a.m.9 views

CVE-2026-45541 ESF-IDF: Remote Null Pointer Dereference in WebSocket Server

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a NULL-pointer dereference exists in the WebSocket subprotocol-negotiation path of the esphttpserver component. While parsing the client-supplied Sec-WebSocket-Protocol request...

7.5CVSS5.4AI score0.00439EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.15 views

ESP-IDF 安全漏洞

ESP-IDF is an open-source development framework for Espressif’s SoCs, supported on Windows, Linux, and macOS. Versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0 of ESP-IDF contain security vulnerabilities. These vulnerabilities stem from a buffer overflow in the session setting path of the protocomm...

7.1CVSS6AI score0.00325EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.15 views

ESP-IDF 输入验证错误漏洞

ESP-IDF is an open-source development framework for Espressif’s SoCs, supported on Windows, Linux, and macOS. Versions 5.5.4 and 6.0 of ESP-IDF contain input validation vulnerabilities. These vulnerabilities stem from issues with the security service wrapper component in the esptee module, which...

9.3CVSS5.3AI score0.00126EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.16 views

ESP-IDF 缓冲区错误漏洞

ESP-IDF is an open-source development framework for Espressif’s SoCs, supported on Windows, Linux, and macOS. Versions 5.2.6, 5.3.5, 5.4.4, 5.5.3, and 6.0 of ESP-IDF contain buffer error vulnerabilities, which stem from out-of-bounds reads in the BlueDroid AVRCP vendor-command parser...

4.6CVSS5.5AI score0.00228EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.13 views

ESP-IDF 代码问题漏洞

ESP-IDF is an open-source development framework for Espressif’s Espressif SoC, supported on Windows, Linux, and macOS. Versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0 of ESP-IDF contain code vulnerabilities. These vulnerabilities stem from null pointer dereferencing in the WebSocket sub-protocol...

7.5CVSS5.4AI score0.00439EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.15 views

ESP-IDF 缓冲区错误漏洞

ESP-IDF is an open-source development framework for Espressif’s SoCs, supported on Windows, Linux, and macOS. Versions 5.2.7, 5.3.5, 5.4.4, 5.5.4, and 6.0.1 of ESP-IDF contain buffer overflow vulnerabilities. These vulnerabilities stem from an out-of-bounds read issue in the DHCP server option...

6.5CVSS5.8AI score0.00246EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/05 7:24 p.m.6 views

CVE-2026-25508

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, an out-of-bounds read vulnerability was reported in the BLE ATT Prepare Write handling of the BLE provisioning transport protocommble. The issue can be triggered by a remote B...

6.3CVSS5.7AI score0.00204EPSS
Exploits0References1
Rows per page
Query Builder