CVE-2026-3555

Philips Hue Bridge Zigbee Stack Custom Command Handler Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. User interaction is required to exploit this...

CVE-2026-3555 Philips Hue Bridge Zigbee Stack Custom Command Handler Heap-based Buffer Overflow Remote Code Execution Vulnerability

Philips Hue Bridge Zigbee Stack Custom Command Handler Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. User interaction is required to exploit this...

PT-2026-23773

Name of the Vulnerable Software and Affected Versions Philips Hue Bridge affected versions not specified Description The Philips Hue Bridge contains a heap-based buffer overflow in the Zigbee stack’s custom command handler. This issue allows for remote code execution. The vulnerability was...

Silicon Labs Zigbee Stack security vulnerabilities

Silicon Labs Zigbee Stack is a wireless network protocol stack developed by Silicon Labs. There is a security vulnerability in the Silicon Labs Zigbee Stack, and this vulnerability arises from processing 802.15.4 MAC data requests, which may cause Zigbee routers to become unrecoverably disconnect...

CVE-2026-22211

TinyOS versions up to and including 2.1.2 contain a global buffer overflow vulnerability in the printfUART formatted output implementation used within the ZigBee / IEEE 802.15.4 networking stack. The implementation formats output into a fixed-size global buffer and concatenates strings for %s...

CVE-2026-22211 TinyOS <= 2.1.2 Global Buffer Overflow in printfUART

TinyOS versions up to and including 2.1.2 contain a global buffer overflow vulnerability in the printfUART formatted output implementation used within the ZigBee / IEEE 802.15.4 networking stack. The implementation formats output into a fixed-size global buffer and concatenates strings for %s...

CVE-2026-22211 TinyOS <= 2.1.2 Global Buffer Overflow in printfUART

TinyOS versions up to and including 2.1.2 contain a global buffer overflow vulnerability in the printfUART formatted output implementation used within the ZigBee / IEEE 802.15.4 networking stack. The implementation formats output into a fixed-size global buffer and concatenates strings for %s...

CVE-2026-22211

CVE-2026-22211 (TinyOS

EUVD-2025-23149

Malicious code in bioql PyPI...

CVE-2025-1394

The Ember ZNet stack’s packet buffer manager may read out of bound memory leading to an assert, causing a Denial of Service DoS...

CVE-2025-1394

SiLabs EmberZNet Zigbee stack contains a vulnerability where failing to properly handle error statuses from buffer management APIs can lead to data leaks and potential DoS. Connected sources confirm the affected software family (SiLabs EmberZNet Zigbee stack) and describe the underlying cause as ...

PT-2025-31378 · Silicon · Ember Znet

Name of the Vulnerable Software and Affected Versions: SiLabs EmberZNet Zigbee stack affected versions not specified Description: Failure to handle error statuses returned by the buffer management APIs may result in data leaks or a potential Denial of Service DoS. Recommendations: At the moment,...

CVE-2020-27892

The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Discover Commands Received Response message or a ZCL Discover Commands Generated Response message. It crashes in zclParseInDiscCmdsRspCmd...