CVE-2026-10651

A malformed Bluetooth Classic SDP attribute can trigger a reachable assertion in Zephyr's SDP parser. In subsys/bluetooth/host/classic/sdp.c, btsdpparseattribute accepts an input buffer once it contains the 1-byte attribute type and 2-byte attribute id, but then unconditionally pulls an additiona...

UBUNTU-CVE-2026-10651

A malformed Bluetooth Classic SDP attribute can trigger a reachable assertion in Zephyr's SDP parser. In subsys/bluetooth/host/classic/sdp.c, btsdpparseattribute accepts an input buffer once it contains the 1-byte attribute type and 2-byte attribute id, but then unconditionally pulls an additiona...

CVE-2026-10651 Bluetooth Classic SDP parser truncation bug in bt_sdp_parse_attribute() leads to reachable assertion and possible out-of-bounds read

A malformed Bluetooth Classic SDP attribute can trigger a reachable assertion in Zephyr's SDP parser. In subsys/bluetooth/host/classic/sdp.c, btsdpparseattribute accepts an input buffer once it contains the 1-byte attribute type and 2-byte attribute id, but then unconditionally pulls an additiona...

May 12, 2026—Hotpatch KB5087423 (OS Build 26100.32772)

None None...

CVE-2024-14036 Dräger Core 1.0.5 Denial of Service via Malformed SDC Message

Dräger Core 1.0.5 and Dräger M540 Converter Service 1.0.9 contain a denial of service vulnerability that allows network-adjacent attackers to trigger high CPU load by sending specially crafted, unencrypted SDC messages during the discovery process. Attackers with access to the hospital network ca...

Microsoft Windows SSDP Elevation of Privilege Vulnerability

Microsoft Windows SSDP is a simple service discovery provider program from Microsoft USA. Microsoft Windows SSDP suffers from an elevation of privilege vulnerability that can be exploited by an attacker to elevate privileges...

EUVD-2026-22515

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SSDP Service allows an authorized attacker to elevate privileges locally...

CVE-2026-32083 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

...

CVE-2026-32083 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

...

CVE-2026-32082 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

...

Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SSDP Service allows an authorized attacker to elevate privileges locally...

PT-2026-32808

Name of the Vulnerable Software and Affected Versions Windows SSDP Service affected versions not specified Description A race condition occurs in the Windows SSDP Service due to improper synchronization when using a shared resource. This allows an authorized attacker to elevate privileges locally...

EUVD-2026-13800

A vulnerability was determined in D-Link DIR-820LW 2.03. Affected is the function ssdpcgimain of the component SSDP. Executing a manipulation can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized...

CVE-2026-4499

A vulnerability was determined in D-Link DIR-820LW 2.03. Affected is the function ssdpcgimain of the component SSDP. Executing a manipulation can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized...

CVE-2026-4499

A vulnerability was determined in D-Link DIR-820LW 2.03. Affected is the function ssdpcgimain of the component SSDP. Executing a manipulation can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized...

PT-2026-26664

A vulnerability was determined in D-Link DIR-820LW 2.03. Affected is the function ssdpcgi main of the component SSDP. Executing a manipulation can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized...

EUVD-2026-9322

A flaw has been found in D-Link DIR-868L 110b03. This affects the function sub1BF84 of the component SSDP Service. This manipulation of the argument ST causes os command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. This vulnerability...

D-Link DIR-868L 操作系统命令注入漏洞

The D-Link DIR-868L is a wireless router produced by D-Link Corporation. The D-Link DIR-868L 110b03 version has a vulnerability related to operating system command injection. This vulnerability stems from incorrect handling of the parameter ST by the SSDP Service component, which may lead to...

CVE-2025-62602

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes a heap buffer overflow,...

CVE-2025-68135

EVerest is an EV charging software stack. Prior to version 2025.10.0, C++ exceptions are not properly handled for and by the TbdController loop, leading to its caller and itself to silently terminates. Thus, this leads to a denial of service as it is responsible of SDP and ISO15118-20 servers...