Lucene search
+L

7 matches found

nvd
nvd
added 2026/02/04 6:16 p.m.18 views

CVE-2026-25507

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a use-after-free vulnerability was reported in the BLE provisioning transport protocommble layer. The issue can be triggered by a remote BLE client while the device is in...

6.3CVSS0.00199EPSS
Exploits0References8
cve
cve
added 2026/02/04 5:58 p.m.13 views

CVE-2026-25508

ESF-IDF (Espressif IoT Development Framework) has an out-of-bounds read in the BLE ATT Prepare Write handling of the BLE provisioning transport (protocomm_ble). A remote BLE client in provisioning mode can trigger the issue by sending overlapped prepare-write fragments; the system tracks a cumula...

6.3CVSS5.7AI score0.00204EPSS
Exploits0References8Affected Software1
attackerkb
attackerkb
added 2026/02/04 5:58 p.m.8 views

CVE-2026-25508

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, an out-of-bounds read vulnerability was reported in the BLE ATT Prepare Write handling of the BLE provisioning transport protocommble. The issue can be triggered by a remote B...

6.3CVSS5.7AI score0.00204EPSS
Exploits0References9
osv
osv
added 2026/02/04 5:58 p.m.13 views

CVE-2026-25507 ESF-IDF Has Use-after-free Vulnerability in BLE Provisioning

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a use-after-free vulnerability was reported in the BLE provisioning transport protocommble layer. The issue can be triggered by a remote BLE client while the device is in...

6.3CVSS5.5AI score0.00199EPSS
Exploits0References10
cvelist
cvelist
added 2026/02/04 5:58 p.m.39 views

CVE-2026-25507 ESF-IDF Has Use-after-free Vulnerability in BLE Provisioning

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a use-after-free vulnerability was reported in the BLE provisioning transport protocommble layer. The issue can be triggered by a remote BLE client while the device is in...

6.3CVSS0.00199EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/02/04 12:0 a.m.9 views

PT-2026-6299

Name of the Vulnerable Software and Affected Versions Espressif Internet of Things IOT Development Framework versions 5.1.6 through 5.5.2 Description The Espressif Internet of Things IOT Development Framework contains a use-after-free issue in the BLE provisioning transport protocomm ble layer...

6.3CVSS5.5AI score0.00199EPSS
Exploits0References12
ptsecurity
ptsecurity
added 2026/02/04 12:0 a.m.10 views

PT-2026-6300

Name of the Vulnerable Software and Affected Versions Espressif Internet of Things IOT Development Framework versions 5.1.6 through 5.5.2 Description The Espressif Internet of Things IOT Development Framework ESF-IDF contains a flaw in the BLE ATT Prepare Write handling within the BLE provisionin...

6.3CVSS5.6AI score0.00204EPSS
Exploits0References12
Rows per page
Query Builder