Nimble Security Vulnerabilities and Issues — Nimble CVE List

ApacheNimble

9 matches found

CVE•added 2024/04/06 11:56 a.m.•79 views

CVE-2024-24746

CVE-2024-24746: Apache NimBLE's GATT server is vulnerable to a Denial of Service via a specially crafted GATT operation that causes an infinite loop. Affected software: NimBLE up to version 1.6.0; impact is denial of service to the Bluetooth stack/device. Remediation: upgrade to NimBLE 1.7.0 (fix).

7.5CVSS7.5AI score0.00159EPSS

CVE•added 2024/11/26 11:17 a.m.•71 views

CVE-2024-51569

CVE-2024-51569 affects Apache NimBLE (through 1.7.0). The root cause is missing validation of HCI Number Of Completed Packets, leading to an out-of-bounds read while parsing HCI events and reading from HCI transport memory. The issue requires a broken/bogus Bluetooth controller to trigger the fau...

7.5CVSS6.5AI score0.00267EPSS

CVE•added 2024/11/26 11:15 a.m.•63 views

CVE-2024-47248

Apache NimBLE

6.3CVSS6.8AI score0.0005EPSS

CVE•added 2024/11/26 11:16 a.m.•56 views

CVE-2024-47249

CVE-2024-47249 affects Apache NimBLE up to version 1.7.0. The issue is improper validation of array indices for HCI events from the Bluetooth controller, which can cause out-of-bounds memory corruption and crashes. Upgrading to NimBLE 1.8.0 is recommended and fixes the issue. No exploitation deta...

5CVSS6.9AI score0.00028EPSS

CVE•added 2024/11/26 11:17 a.m.•50 views

CVE-2024-47250

CVE-2024-47250 affects Apache NimBLE (through 1.7.0). The issue is an out-of-bounds read caused by missing validation of the HCI advertising report, which can trigger out-of-bound access while parsing HCI events and may generate bogus GAP “device found” events. The vulnerability requires a broken...

5CVSS6.6AI score0.00034EPSS

CVE•added 2026/01/10 9:42 a.m.•16 views

CVE-2025-62235

CVE-2025-62235 : Authentication bypass by spoofing in Apache NimBLE allows an attacker to remove the original Bond and re-bind with an impostor via a specially crafted Security Request. Affected software: Apache NimBLE up to version 1.8.0; impact includes potential compromise of pairing/authentic...

8.1CVSS6.6AI score0.00024EPSS

CVE•added 2026/01/10 9:45 a.m.•12 views

CVE-2025-53477

CVE-2025-53477 is a NULL pointer dereference vulnerability in Apache NimBLE (NimBLE host HCI layer). The issue stems from missing validation of HCI connection complete or HCI command TX buffers, which can lead to a NULL pointer dereference when combined with disabled asserts and a malfunctioning ...

7.5CVSS6.8AI score0.00263EPSS

CVE•added 2026/01/10 9:47 a.m.•11 views

CVE-2025-52435

CVE-2025-52435 affects Apache NimBLE (Mynewt NimBLE) up to version 1.8.0. The issue is caused by improper handling of the Pause Encryption procedure on the Link Layer, which can leave a previously encrypted connection in an unencrypted state and allow an eavesdropper to observe the remainder of t...

7.5CVSS6.5AI score0.00036EPSS

CVE•added 2026/01/10 9:46 a.m.•8 views

CVE-2025-53470

Summary: CVE-2025-53470 affects Apache NimBLE’s HCI H4 driver. An out-of-bounds read can be triggered by a specially crafted HCI event, leading to an invalid memory read.affected software: Apache NimBLE up to version 1.8 (inclusive); advisory recommends upgrading to version 1.9 which contains the...

3.1CVSS6.4AI score0.00014EPSS