CVE-2025-66409
CVE-2025-66409 affects ESP-IDF where AVRCP handling on ESP32 can read memory out-of-bounds due to insufficient validation of the VENDOR DEPENDENT command length. Affected versions include 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6 and earlier. Qualitative impact is memory exposure or unexpected behavior f...