496 matches found
CVE-2026-44634
SimpleBLE is a cross-platform library and bindings for Bluetooth Low Energy (BLE). Prior to version 0.14.0, there are multiple stack-based buffer overflow vulnerabilities in SimpleBLE. There is a stack overflow vulnerability in the dongl backend’s Protocol::simpleblewrite function local,...
PT-2026-44968
Name of the Vulnerable Software and Affected Versions: Frontier X2 (affected versions not specified); Frontier X mobile application (affected versions not specified). Description: The Frontier X2 device permits unauthenticated Bluetooth Low Energy (BLE) read and write access to critical Generic Attribute...
CVE-2026-2756
A security vulnerability has been detected in OmniPEMF NeoRhythm up to 20260308. This affects an unknown function of the component BLE Interface. Such manipulation leads to missing authentication. The attack can only be initiated within the local network. This attack is characterized by high...
CVE-2024-43766
In multiple functions of btmblesec.cc, there is a possible unencrypted communication due to Invalid error handling. This could lead to remote proximal/adjacent information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
ASB-A-288144143
In multiple functions of btmblesec.cc, there is a possible unencrypted communication due to Invalid error handling. This could lead to remote proximal/adjacent information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-25507
ESP-IDF is the Espressif Internet of Things (IoT) Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a use-after-free vulnerability was reported in the BLE provisioning transport (protocomm_ble) layer. The issue can be triggered by a remote BLE client while the device is in...
CVE-2026-25508
ESP-IDF (Espressif IoT Development Framework) has an out-of-bounds read in the BLE ATT Prepare Write handling of the BLE provisioning transport (protocomm_ble). A remote BLE client in provisioning mode can trigger the issue by sending overlapped prepare-write fragments; the system tracks a cumula...
CVE-2026-25508
ESP-IDF is the Espressif Internet of Things (IoT) Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, an out-of-bounds read vulnerability was reported in the BLE ATT Prepare Write handling of the BLE provisioning transport (protocomm_ble). The issue can be triggered by a remote B...
CVE-2026-25508 ESP-IDF Has Memory Safety Vulnerabilities in BLE Provisioning
ESP-IDF is the Espressif Internet of Things (IoT) Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, an out-of-bounds read vulnerability was reported in the BLE ATT Prepare Write handling of the BLE provisioning transport (protocomm_ble). The issue can be triggered by a remote B...
CVE-2026-25507 ESP-IDF Has Use-after-free Vulnerability in BLE Provisioning
ESP-IDF is the Espressif Internet of Things (IoT) Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a use-after-free vulnerability was reported in the BLE provisioning transport (protocomm_ble) layer. The issue can be triggered by a remote BLE client while the device is in...
EUVD-2026-5377
ESP-IDF is the Espressif Internet of Things (IoT) Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a use-after-free vulnerability was reported in the BLE provisioning transport (protocomm_ble) layer. The issue can be triggered by a remote BLE client while the device is in...
CVE-2026-25507
The CVE concerns ESP-IDF (Espressif IoT Development Framework) with a use-after-free in the BLE provisioning transport (protocomm_ble). Affected versions are 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6. When provisioning is stopped with keep_ble_on = true, internal protocomm_ble state and GATT metadata...
PT-2026-6299
Name of the Vulnerable Software and Affected Versions: Espressif Internet of Things (IoT) Development Framework versions 5.1.6 through 5.5.2. Description: The Espressif Internet of Things (IoT) Development Framework contains a use-after-free issue in the BLE provisioning transport (protocomm_ble) layer...
ESP-IDF Resource Management Error Vulnerability
ESP-IDF is an open-source development framework for Espressif’s SoCs, supported on Windows, Linux, and macOS. Versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6 of ESP-IDF contain resource management vulnerabilities. These vulnerabilities stem from a reuse issue in the BLE configuration transmission...
PT-2026-6300
Name of the Vulnerable Software and Affected Versions: Espressif Internet of Things (IoT) Development Framework versions 5.1.6 through 5.5.2. Description: The Espressif Internet of Things (IoT) Development Framework (ESP-IDF) contains a flaw in the BLE ATT Prepare Write handling within the BLE provisionin...
CVE-2026-24801
Vulnerability in Ralim IronOS source/Core/BSP/Pinecilv2/blmcusdk/components/ble/blestack/common/tinycrypt/source modules. This vulnerability is associated with program files eccdsa.C. This issue affects IronOS: before v2.23-rc3...