170 matches found
CVE-2026-42855 arduino-esp32: Digest authentication URI mismatch bypass in WebServer allows cross-resource replay attack
arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, the WebServer Digest authentication implementation in arduino-esp32 computes the authentication hash using the URI field from the client's Authorization header,...
CVE-2026-42855
The vulnerability affects the arduino-esp32 core (WebServer Digest authentication). Before version 3.3.8, the Digest auth hash is computed from the URI field in the Authorization header without validating it against the actually requested URI. As a result, an attacker with any valid digest respon...
CVE-2026-42855
arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, the WebServer Digest authentication implementation in arduino-esp32 computes the authentication hash using the URI field from the client's Authorization header,...
PT-2026-40454
arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, the WebServer multipart form parser in arduino-esp32 allocates a Variable Length Array VLA on the stack whose size is derived from an attacker-controlled HTTP head...
arduino-esp32 安全漏洞
Arduino-ESP32 is an open-source project by Espressif, designed for use with the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6, and ESP32-H2 boards. Versions of Arduino-ESP32 prior to 3.3.8 contained a security vulnerability. This vulnerability stemmed from the WebServer multi-part form parser’s...
CVE-2026-41429
arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, there is a remotely reachable memory corruption issue in the NBNS packet handling path. When NetBIOS is enabled by calling NBNS.begin..., the device listens on UDP...
CVE-2026-41429
arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, there is a remotely reachable memory corruption issue in the NBNS packet handling path. When NetBIOS is enabled by calling NBNS.begin..., the device listens on UDP...
CVE-2026-41429
CVE-2026-41429 affects the arduino-esp32 core (ESP32/ESP32-S2/ESP32-S3/ESP32-C3/ESP32-C6/ESP32-H2). The issue is a memory corruption in NBNS packet handling when NetBIOS is enabled via NBNS.begin(...); the code path listens on UDP port 137 and processes untrusted NBNS requests. The request parser...
CVE-2026-41429 Improper validation of NBNS name_len in arduino-esp32 NetBIOS leads to memory corruption
arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, there is a remotely reachable memory corruption issue in the NBNS packet handling path. When NetBIOS is enabled by calling NBNS.begin..., the device listens on UDP...
arduino-esp32 安全漏洞
Arduino-ESP32 is an open-source project by Espressif, designed for use with the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6, and ESP32-H2 boards. Versions of Arduino-ESP32 prior to 3.3.8 contained a security vulnerability. This vulnerability stemmed from a remote exploitable memory corruption...
PT-2026-35072
Name of the Vulnerable Software and Affected Versions arduino-esp32 versions prior to 3.3.8 Description A remotely reachable memory corruption issue exists in the NBNS packet handling path. When NetBIOS is enabled via the NBNS.begin function, the device listens on UDP port 137 and processes...
PT-2026-23434
I have been running an ESP32-S3 BLE mesh network at home for about 3 months now. Six nodes tracking temperature, humidity and air quality. Using esp-idf 5.2 with deep sleep at 30 second intervals. Getting around 7.5 months battery life per node which is better than I expected. The key was...
Security update for micropython (low)
openSUSE Security Update: Security update for micropython Announcement ID: openSUSE-SU-2026:0050-1 Rating: low References: 1257803 Cross-References: CVE-2025-59438 CVE-2026-1998 CVSS scores: CVE-2025-59438 SUSE: 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N Affected Products...
openSUSE 16 Security Update : micropython (openSUSE-SU-2026:20199-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20199-1 advisory. Changes in micropython: - CVE-2026-1998: Fixed segmentation fault in mpmaplookup via mpimportall bsc1257803. - Version 1.26.1 esp32: update esptinyusb...
CVE-2025-15575
The firmware update functionality does not verify the authenticity of the supplied firmware update files. This allows attackers to flash malicious firmware update files on the device. Initial analysis of the firmware update functionality does not show any cryptographic checks e.g. digital signatu...
GHSA-4H3H-63V6-88QX ESPHome vulnerable to denial-of-service via out-of-bounds check bypass in the API component
Summary An integer overflow in the API component's protobuf decoder allows denial-of-service attacks when API encryption is not used. Details The bounds check ptr + fieldlength end in components/api/proto.cpp can overflow when a malicious client sends a large fieldlength value. This affects all...
CVE-2025-15135
A weakness has been identified in joey-zhou xiaozhi-esp32-server-java up to 3.0.0. This impacts the function tryAuthenticateWithCookies of the file AuthenticationInterceptor.java of the component Cookie Handler. Executing manipulation can lead to improper authentication. The attack can be launche...
EUVD-2025-205508
A weakness has been identified in joey-zhou xiaozhi-esp32-server-java up to 3.0.0. This impacts the function tryAuthenticateWithCookies of the file AuthenticationInterceptor.java of the component Cookie Handler. Executing manipulation can lead to improper authentication. The attack can be launche...
Xiaozhi ESP32 Server Java 授权问题漏洞
Xiaozhi ESP32 Server Java is a Java enterprise management platform for joey individual developers. An authorization issue vulnerability exists in Xiaozhi ESP32 Server Java 3.0.0 and earlier versions, which stems from a misbehavior of the function tryAuthenticateWithCookies in the file...
CVE-2025-68474 ESF-IDF Has Out-of-Bounds Write in ESP32 Bluetooth AVRCP Vendor Command Handling
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, in the avrcvendormsg function of the ESP-IDF BlueDroid AVRCP stack, the allocated buffer size was validated using AVRCMINCMDLEN 20 bytes. However, the actual fixed...