Lucene search
K

14 matches found

CVE
CVE
added 2026/06/10 12:35 a.m.41 views

CVE-2026-46532

CVE-2026-46532 describes a heap/out-of-bounds read in Espressif’s ESF-IDF (IoT Development Framework) due to the BlueDroid AVRCP vendor-command parser (avrc_pars_vendor_cmd) in bluedroid. Affected versions are 5.2.6, 5.3.5, 5.4.4, 5.5.3, and 6.0. The issue has been patched in 5.2.7, 5.3.6, 5.4.5,...

4.6CVSS5.4AI score0.00228EPSS
Exploits0References7Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/10 12:34 a.m.7 views

CVE-2026-45542 ESF-IDF: Heap buffer overflow in protocomm Security2 over Bluetooth

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a heap buffer overflow exists in the Security Scheme 2 SRP6a session-setup path of the protocomm component. The first-phase handler handlesessioncommand0 in...

7.1CVSS5.7AI score0.00325EPSS
Exploits0References7
CVE
CVE
added 2026/06/10 12:25 a.m.25 views

CVE-2026-45541

The CVE describes a NULL-pointer dereference in the WebSocket subprotocol-negotiation path of the esp_http_server component in ESF-IDF. During the WebSocket handshake, parsing the clientS WebSocket Protocol header may dereference a NULL tokenisation result, causing a crash before any application...

7.5CVSS5.4AI score0.00439EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.16 views

PT-2026-48354

Name of the Vulnerable Software and Affected Versions ESF-IDF version 5.2.6 ESF-IDF version 5.3.5 ESF-IDF version 5.4.4 ESF-IDF version 5.5.3 ESF-IDF version 6.0 Description An out-of-bounds read exists in the BlueDroid AVRCP vendor-command parser within the avrc pars vendor cmd function located ...

4.6CVSS5.3AI score0.00228EPSS
Exploits0References10
NVD
NVD
added 2026/02/04 6:16 p.m.18 views

CVE-2026-25507

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a use-after-free vulnerability was reported in the BLE provisioning transport protocommble layer. The issue can be triggered by a remote BLE client while the device is in...

6.3CVSS0.00199EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/02/04 5:58 p.m.8 views

CVE-2026-25508

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, an out-of-bounds read vulnerability was reported in the BLE ATT Prepare Write handling of the BLE provisioning transport protocommble. The issue can be triggered by a remote B...

6.3CVSS5.7AI score0.00204EPSS
Exploits0References9
OSV
OSV
added 2026/02/04 5:58 p.m.7 views

CVE-2026-25508 ESF-IDF Has Memory Safety Vulnerabilities in BLE Provisioning

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, an out-of-bounds read vulnerability was reported in the BLE ATT Prepare Write handling of the BLE provisioning transport protocommble. The issue can be triggered by a remote B...

6.3CVSS5.7AI score0.00204EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/02/04 5:58 p.m.36 views

CVE-2026-25507 ESF-IDF Has Use-after-free Vulnerability in BLE Provisioning

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a use-after-free vulnerability was reported in the BLE provisioning transport protocommble layer. The issue can be triggered by a remote BLE client while the device is in...

6.3CVSS0.00199EPSS
Exploits0References8
OSV
OSV
added 2026/02/04 5:58 p.m.12 views

CVE-2026-25507 ESF-IDF Has Use-after-free Vulnerability in BLE Provisioning

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a use-after-free vulnerability was reported in the BLE provisioning transport protocommble layer. The issue can be triggered by a remote BLE client while the device is in...

6.3CVSS5.5AI score0.00199EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/02/04 5:58 p.m.11 views

CVE-2026-25532

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a vulnerability exists in the WPS Wi-Fi Protected Setup Enrollee implementation where malformed EAP-WSC packets with truncated payloads can cause integer underflow during...

6.3CVSS5.5AI score0.00213EPSS
Exploits0References9
CVE
CVE
added 2026/02/04 5:58 p.m.19 views

CVE-2026-25532

CVE-2026-25532 affects Espressif ESP-IDF WPS Enrollee in versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6. A malformed EAP-WSC packet with truncated payload can trigger an integer underflow during fragment length calculation, when processing EAP-Expanded (WSC) messages. The frag_len calculation sub...

8CVSS5.5AI score0.00213EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2025/12/26 11:57 p.m.22 views

CVE-2025-68474 ESF-IDF Has Out-of-Bounds Write in ESP32 Bluetooth AVRCP Vendor Command Handling

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, in the avrcvendormsg function of the ESP-IDF BlueDroid AVRCP stack, the allocated buffer size was validated using AVRCMINCMDLEN 20 bytes. However, the actual fixed...

6.1CVSS0.003EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/12/26 12:0 a.m.6 views

PT-2025-53611

Name of the Vulnerable Software and Affected Versions ESF-IDF versions 5.5.1 through 5.1.6 Description ESF-IDF, the Espressif Internet of Things IOT Development Framework, contains a flaw in the avrc vendor msg function within the BlueDroid AVRCP stack. The function validates the allocated buffer...

6.1CVSS7.2AI score0.003EPSS
Exploits0References11
Cvelist
Cvelist
added 2025/11/21 9:33 p.m.11 views

CVE-2025-65092 ESP32-P4 JPEG Decoder Header Parsing Vulnerability

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, and 5.3.4, when the ESP32-P4 uses its hardware JPEG decoder, the software parser lacks necessary validation checks. A specially crafted malicious JPEG image could exploit the parsing routine and trigg...

6.9CVSS0.00313EPSS
Exploits0References5
Rows per page
Query Builder