CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

28 matches found

RedhatCVE•added 2026/02/27 7:45 p.m.•6 views

CVE-2026-23749

Golioth Firmware SDK version 0.19.1 prior to 0.22.0, fixed in commit 0e788217, contain an out-of-bounds read due to improper null termination of a blockwise transfer path. blockwisetransferinit accepts a path whose length equals CONFIGGOLIOTHCOAPMAXPATHLEN and copies it using strncpy without...

2.9CVSS6AI score0.00165EPSS

Exploits0References1

RedhatCVE•added 2026/02/27 7:45 p.m.•4 views

CVE-2026-23748

Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit d7f55b38, contain an out-of-bounds read in LightDB State string parsing. When processing a string payload, a payloadsize value less than 2 can cause a sizet underflow when computing the number of bytes to copy nbytes. The...

6.3CVSS5.9AI score0.00269EPSS

Exploits0References1

RedhatCVE•added 2026/02/27 7:45 p.m.•4 views

CVE-2026-23747

Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit 48f521b, contain a stack-based buffer overflow in Payload Utils. The goliothpayloadasint and goliothpayloadasfloat helpers copy network-supplied payload data into fixed-size stack buffers using memcpy with a length derived from...

6.3CVSS6.2AI score0.00297EPSS

Exploits0References1

EUVD•added 2026/02/26 6:31 p.m.•5 views

EUVD-2026-8867

6.3CVSS5.5AI score0.00269EPSS

Exploits0References4

EUVD•added 2026/02/26 6:31 p.m.•6 views

EUVD-2026-8868

6.3CVSS5.8AI score0.00297EPSS

Exploits0References4

EUVD•added 2026/02/26 6:31 p.m.•6 views

EUVD-2026-8869

2.9CVSS5.7AI score0.00165EPSS

Exploits0References4

NVD•added 2026/02/26 6:23 p.m.•6 views

CVE-2026-23749

2.9CVSS0.00165EPSS

Exploits0References5

NVD•added 2026/02/26 6:23 p.m.•6 views

CVE-2026-23748

6.3CVSS0.00269EPSS

Exploits0References5

NVD•added 2026/02/26 6:23 p.m.•5 views

CVE-2026-23747

6.3CVSS0.00297EPSS

Exploits0References5

OSV•added 2026/02/26 6:23 p.m.•3 views

CVE-2026-23748

6.3CVSS5.9AI score

Exploits0References5

OSV•added 2026/02/26 6:23 p.m.•5 views

CVE-2026-23747

6.3CVSS6.2AI score

Exploits0References5

OSV•added 2026/02/26 6:23 p.m.•4 views

CVE-2026-23749

2.1CVSS6AI score

Exploits0References5

ATTACKERKB•added 2026/02/26 5:32 p.m.•4 views

CVE-2026-23749

2.9CVSS6AI score0.00165EPSS

Exploits0References6Affected Software1

Vulnrichment•added 2026/02/26 5:32 p.m.•5 views

CVE-2026-23749 Golioth Firmware SDK < 0.22.0 Blockwise Transfer Path Out-of-Bounds Read

2.9CVSS6AI score0.00165EPSS

Exploits0References5

Cvelist•added 2026/02/26 5:32 p.m.•24 views

CVE-2026-23749 Golioth Firmware SDK < 0.22.0 Blockwise Transfer Path Out-of-Bounds Read

2.9CVSS0.00165EPSS

Exploits0References5

CVE•added 2026/02/26 5:32 p.m.•13 views

CVE-2026-23749

CVE-2026-23749 - Golioth Firmware SDK : The vulnerability affects Golioth Firmware SDK versions 0.19.1 prior to 0.22.0. The root cause is an out-of-bounds read caused by improper null termination when copying the blockwise transfer path in blockwise_transfer_init(). If the input path length equal...

2.9CVSS5.7AI score0.00165EPSS

Exploits0References5

ATTACKERKB•added 2026/02/26 5:31 p.m.•3 views

CVE-2026-23748

6.3CVSS5.8AI score0.00269EPSS

Exploits0References6Affected Software1

Vulnrichment•added 2026/02/26 5:31 p.m.•4 views

CVE-2026-23748 Golioth Firmware SDK < 0.22.0 LightDB State Out-of-Bounds Read

6.3CVSS5.9AI score0.00269EPSS

Exploits0References5

Cvelist•added 2026/02/26 5:31 p.m.•22 views

CVE-2026-23748 Golioth Firmware SDK < 0.22.0 LightDB State Out-of-Bounds Read