Lucene search
+L

454 matches found

NVD
NVD
added 2026/02/13 6:16 p.m.11 views

CVE-2026-21870

BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffer overflow in the ubasic interpreter causes a crash SIGABRT when processing string literals longer...

5.5CVSS0.0024EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/02/13 6:14 p.m.6 views

CVE-2026-26264

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0rc4 and 1.4.3rc2, a malformed WriteProperty request can trigger a length underflow in the BACnet stack, leading to an out‑of‑bounds read and a crash DoS. The issue is in wp.c within...

5.6AI score0.00368EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/02/13 6:14 p.m.31 views

CVE-2026-26264 BACnet Stack WriteProperty decoding length underflow leads to OOB read and crash

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0rc4 and 1.4.3rc2, a malformed WriteProperty request can trigger a length underflow in the BACnet stack, leading to an out‑of‑bounds read and a crash DoS. The issue is in wp.c within...

8.8CVSS0.00368EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/02/13 6:14 p.m.6 views

CVE-2026-26264 BACnet Stack WriteProperty decoding length underflow leads to OOB read and crash

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0rc4 and 1.4.3rc2, a malformed WriteProperty request can trigger a length underflow in the BACnet stack, leading to an out‑of‑bounds read and a crash DoS. The issue is in wp.c within...

8.8CVSS5.6AI score0.00368EPSS
Exploits1References2
CVE
CVE
added 2026/02/13 6:14 p.m.28 views

CVE-2026-26264

The vulnerability CVE-2026-26264 affects the BACnet Stack C library (embedded systems). In wp_decode_service_request, decoding the optional priority context tag can cause apdu_len - apdu_size underflow if apdu_size > apdu_len for a malformed WriteProperty, leading to an out-of-bounds read and ...

8.8CVSS5.6AI score0.00368EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/02/13 6:14 p.m.7 views

CVE-2026-26264 BACnet Stack WriteProperty decoding length underflow leads to OOB read and crash

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0rc4 and 1.4.3rc2, a malformed WriteProperty request can trigger a length underflow in the BACnet stack, leading to an out‑of‑bounds read and a crash DoS. The issue is in wp.c within...

8.8CVSS5.6AI score0.00368EPSS
Exploits1References4
CVE
CVE
added 2026/02/13 6:10 p.m.14 views

CVE-2026-21878

The vulnerability CVE-2026-21878 affects BACnet Stack (open source C library) prior to version 1.5.0.rc3, due to lack of validation of user-provided file paths in the file-writing functionality. Affected code paths include apps/readfile/main.c and ports/posix/bacfile-posix.c. The issue allows wri...

7.5CVSS5.7AI score0.00356EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/13 6:10 p.m.7 views

CVE-2026-21878 BACnet Stack Improperly Limits Pathnames to a Restricted Directory

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0.rc3, a vulnerability has been discovered in BACnet Stack's file writing functionality where there is no validation of user-provided file paths, allowing attackers to write files to arbitrary...

7.5CVSS5.7AI score0.00356EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/02/13 6:10 p.m.5 views

CVE-2026-21878

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0.rc3, a vulnerability has been discovered in BACnet Stack's file writing functionality where there is no validation of user-provided file paths, allowing attackers to write files to arbitrary...

5.7AI score0.00356EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/02/13 6:10 p.m.28 views

CVE-2026-21878 BACnet Stack Improperly Limits Pathnames to a Restricted Directory

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0.rc3, a vulnerability has been discovered in BACnet Stack's file writing functionality where there is no validation of user-provided file paths, allowing attackers to write files to arbitrary...

7.5CVSS0.00356EPSS
Exploits1References2
OSV
OSV
added 2026/02/13 6:10 p.m.6 views

CVE-2026-21878 BACnet Stack Improperly Limits Pathnames to a Restricted Directory

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0.rc3, a vulnerability has been discovered in BACnet Stack's file writing functionality where there is no validation of user-provided file paths, allowing attackers to write files to arbitrary...

7.5CVSS5.7AI score0.00356EPSS
Exploits1References4
EUVD
EUVD
added 2026/02/13 5:58 p.m.8 views

EUVD-2026-5920

BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffer overflow in the ubasic interpreter causes a crash SIGABRT when processing string literals longer...

5.5CVSS6AI score0.0024EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/02/13 5:58 p.m.5 views

CVE-2026-21870

BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffer overflow in the ubasic interpreter causes a crash SIGABRT when processing string literals longer...

5.5CVSS6AI score0.0024EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/13 5:58 p.m.4 views

CVE-2026-21870 The BACnet Protocol Stack library has an Off-by-one Stack-based Buffer Overflow in tokenizer_string

BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffer overflow in the ubasic interpreter causes a crash SIGABRT when processing string literals longer...

5.5CVSS6AI score0.0024EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/02/13 5:58 p.m.34 views

CVE-2026-21870 The BACnet Protocol Stack library has an Off-by-one Stack-based Buffer Overflow in tokenizer_string

BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffer overflow in the ubasic interpreter causes a crash SIGABRT when processing string literals longer...

5.5CVSS0.0024EPSS
Exploits1References3
CVE
CVE
added 2026/02/13 5:58 p.m.21 views

CVE-2026-21870

The CVE-2026-21870 affects the BACnet Protocol Stack library, specifically versions 1.4.2, 1.5.0.rc2 and earlier. The root cause is an off-by-one, stack-based buffer overflow in the ubasic interpreter’s tokenizer_string function. It mishandles null termination for maximum-length strings, writing ...

5.5CVSS6AI score0.0024EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/02/13 5:58 p.m.8 views

CVE-2026-21870 The BACnet Protocol Stack library has an Off-by-one Stack-based Buffer Overflow in tokenizer_string

BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffer overflow in the ubasic interpreter causes a crash SIGABRT when processing string literals longer...

5.5CVSS6.1AI score0.0024EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/02/13 12:0 a.m.8 views

BACnet Stack 路径遍历漏洞

BACnet Stack is an open-source protocol stack for BACnet, suitable for embedded systems, Linux, MacOS, BSD, and Windows. Versions of BACnet Stack prior to 1.5.0.rc3 contained a path traversal vulnerability. This vulnerability stemmed from the lack of validation for the file writing function,...

7.5CVSS5.9AI score0.00356EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/02/13 12:0 a.m.9 views

BACnet Protocol Stack 安全漏洞

BACnet Protocol Stack is a library suitable for various platforms, designed to provide communication services at the BACnet application layer, network layer, and Media Access Layer MAC. Versions of BACnet Protocol Stack such as 1.4.2, 1.5.0.rc2, and earlier versions have security vulnerabilities...

5.5CVSS6.1AI score0.0024EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/02/13 12:0 a.m.6 views

PT-2026-8019

Name of the Vulnerable Software and Affected Versions BACnet Stack versions prior to 1.5.0.rc3 Description The BACnet Stack software contains a flaw in its file writing functionality. Specifically, there is a lack of validation for user-supplied file paths, which could allow attackers to write...

7.5CVSS5.6AI score0.00356EPSS
Exploits1References9
Rows per page
Query Builder