| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-4640 | Galaxy Software Services\|Vitals ESP - Missing Authentication | Galaxy Software Services | Vitals ESP | High | 7.5 | 2026-03-24 04:20:47 | Deep Dive |
| CVE-2026-4639 | Galaxy Software Services\|Vitals ESP - Incorrect Authorization | Galaxy Software Services | Vitals ESP | High | 8.8 | 2026-03-24 04:17:22 | Deep Dive |
| CVE-2026-25508 | ESF-IDF Has Memory Safety Vulnerabilities in BLE Provisioning | espressif | esp-idf | Medium | 6.3 | 2026-02-04 17:58:29 | Deep Dive |
| CVE-2026-25507 | ESF-IDF Has Use-after-free Vulnerability in BLE Provisioning | espressif | esp-idf | Medium | 6.3 | 2026-02-04 17:58:19 | Deep Dive |
| CVE-2026-25532 | ESF-IDF is Vulnerable to WPS Enrollee Fragment Integer Underflow | espressif | esp-idf | Medium | 6.3 | 2026-02-04 17:58:08 | Deep Dive |
| CVE-2025-68657 | espressif/usb_host_hid Double-Free Race Condition in USB Host HID Device Close Path | espressif | esp-usb | Medium | 6.4 | 2026-01-12 17:26:51 | Deep Dive |
| CVE-2025-68656 | Espressif ESP-IDF USB Host HID (Human Interface Device) Driver Descriptor Use-After-Free Vulnerability | espressif | esp-usb | Medium | 6.8 | 2026-01-12 17:23:19 | Deep Dive |
| CVE-2025-68622 | Espressif ESP-IDF USB Host UVC Class Driver has a stack buffer overflow in UVC descriptor printing | espressif | esp-usb | Medium | 6.8 | 2026-01-12 17:08:23 | Deep Dive |
| CVE-2025-68474 | ESF-IDF Has Out-of-Bounds Write in ESP32 Bluetooth AVRCP Vendor Command Handling | espressif | esp-idf | High | - | 2025-12-26 23:57:55 | Deep Dive |
| CVE-2025-68473 | ESF-IDF Has Out-of-Bounds Read in ESP32 Bluetooth SDP Result Handling | espressif | esp-idf | High | - | 2025-12-26 23:54:48 | Deep Dive |
| CVE-2025-14255 | Galaxy Software Services\|Vitals ESP - SQL Injection | Galaxy Software Services | Vitals ESP | Medium | 6.5 | 2025-12-08 07:43:23 | Deep Dive |
| CVE-2025-14254 | Galaxy Software Services\|Vitals ESP - SQL Injection | Galaxy Software Services | Vitals ESP | Medium | 6.5 | 2025-12-08 07:41:01 | Deep Dive |
| CVE-2025-14253 | Galaxy Software Services\|Vitals ESP - Arbitrary File Read | Galaxy Software Services | Vitals ESP | Medium | 4.9 | 2025-12-08 07:38:09 | Deep Dive |
| CVE-2025-66409 | ESF-IDF has an Out-of-Bounds Read in ESP32 Bluetooth AVRCP Command Handling | espressif | esp-idf | - | - | 2025-12-02 18:09:03 | Deep Dive |
| CVE-2025-65092 | ESP32-P4 JPEG Decoder Header Parsing Vulnerability | espressif | esp-idf | Medium | - | 2025-11-21 21:33:04 | Deep Dive |
| CVE-2025-64342 | ESF-IDF's ESP32 Bluetooth Controller Has an Invalid Access Address Vulnerability | espressif | esp-idf | - | - | 2025-11-17 17:21:02 | Deep Dive |
| CVE-2025-31342 | Galaxy Software Services Vitals ESP Forum Module - Unrestricted Upload of File with Dangerous Type | Galaxy Software Services Corporation | Vitals ESP | - | - | 2025-10-20 07:56:46 | Deep Dive |
| CVE-2025-55297 | ESF-IDF BluFi Example Memory Overflow Vulnerability | espressif | esp-idf | - | - | 2025-08-21 15:05:07 | Deep Dive |
| CVE-2025-52471 | ESP-NOW Integer Underflow Vulnerability Advisory | espressif | esp-idf | - | - | 2025-06-24 19:53:06 | Deep Dive |
| CVE-2025-27579 | ESP-Miner Cross-Site Request Forgery Vulnerability | Bitaxe | ESP-MIner | Medium | 5.4 | 2025-03-02 00:00:00 | Deep Dive |