CVE-2026-25139 RIOT Vulnerable to Multiple Out-of-Bounds Read When Processing Received 6LoWPAN SFR Fragments

RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things IoT devices and other embedded devices. In version 2025.10 and prior, multiple out-of-bounds read allow any unauthenticated user, with ability to send or manipulate input packets, to...

RIOT 代码问题漏洞

RIOT is RIOT's open source set of operating systems for applications in the Internet of Things IoT space. A code issue vulnerability exists in RIOT version v2025.07, which stems from a null pointer dereference in the IPv6 fragmentation reorganization implementation, which could lead to an operati...

RIOT 安全漏洞

RIOT is RIOT's open source set of operating systems for applications in the Internet of Things IoT space. A security vulnerability exists in RIOT version v2025.07, which stems from a lack of size checking in the IPv6 fragmentation reorganization implementation, which could lead to memory corrupti...

EUVD-2017-17251

Malware in sbrugna...

CVE-2019-15702

In the TCP implementation gnrctcp in RIOT through 2019.07, the parser for TCP options does not terminate on all inputs, allowing a denial-of-service, because sys/net/gnrc/transportlayer/tcp/gnrctcpoption.c has an infinite loop for an unknown zero-length option...

CVE-2019-16754

RIOT 2019.07 contains a NULL pointer dereference in the MQTT-SN implementation asymcute, potentially allowing an attacker to crash a network node running RIOT. This requires spoofing an MQTT server response. To do so, the attacker needs to know the MQTT MsgID of a pending MQTT protocol message an...