| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-5590 | net: ip/tcp: Null pointer dereference can be triggered by a race condition | zephyrproject-rtos | Zephyr | Medium | 6.4 | 2026-04-05 03:34:56 | Deep Dive |
| CVE-2026-1679 | net: eswifi socket send payload length not bounded | zephyrproject-rtos | Zephyr | High | 7.3 | 2026-03-27 23:21:18 | Deep Dive |
| CVE-2026-4179 | stm32: usb: Infinite while loop in Interrupt Handler | zephyrproject-rtos | Zephyr | Medium | 6.1 | 2026-03-14 21:51:33 | Deep Dive |
| CVE-2026-0849 | crypto: ATAES132A response length allows stack buffer overflow | zephyrproject-rtos | Zephyr | Low | 3.8 | 2026-03-14 21:05:37 | Deep Dive |
| CVE-2026-1678 | dns: memory‑safety issue in the DNS name parser | zephyrproject-rtos | Zephyr | Critical | 9.4 | 2026-03-05 06:21:37 | Deep Dive |
| CVE-2025-12899 | net: icmp: Out of bound memory read | zephyrproject-rtos | Zephyr | Medium | 6.5 | 2026-01-30 05:34:20 | Deep Dive |
| CVE-2025-12035 | Bluetooth: Integer Overflow in Bluetooth Classic (BR/EDR) L2CAP | zephyrproject-rtos | Zephyr | Medium | 6.5 | 2025-12-15 19:42:43 | Deep Dive |
| CVE-2025-9557 | Bluetooth: Mesh: Out-of-Bound Write in gen_prov_cont | zephyrproject-rtos | Zephyr | High | 7.6 | 2025-11-26 05:43:30 | Deep Dive |
| CVE-2025-9558 | Bluetooth: Mesh: Out-of-Bound Write in gen_prov_start | zephyrproject-rtos | Zephyr | High | 7.6 | 2025-11-26 05:39:44 | Deep Dive |
| CVE-2025-9408 | Userspace privilege escalation vulnerability on Cortex M | zephyrproject-rtos | Zephyr | High | 8.1 | 2025-11-11 15:34:59 | Deep Dive |
| CVE-2025-12890 | Bluetooth: peripheral: Invalid handling of malformed connection request | zephyrproject-rtos | Zephyr | Medium | 6.5 | 2025-11-07 18:40:56 | Deep Dive |
| CVE-2025-10456 | Bluetooth: Semi-Arbitrary ability to make the BLE Target send disconnection requests | zephyrproject-rtos | Zephyr | High | 7.1 | 2025-09-19 05:21:33 | Deep Dive |
| CVE-2025-10458 | Bluetooth: le_conn_rsp does not sanitize CID, MTU, MPS values | zephyrproject-rtos | Zephyr | High | 7.6 | 2025-09-19 05:20:20 | Deep Dive |
| CVE-2025-7403 | Bluetooth: bt_conn_tx_processor unsafe handling | zephyrproject-rtos | Zephyr | High | 7.6 | 2025-09-19 05:19:19 | Deep Dive |
| CVE-2025-10457 | Bluetooth: Out-Of-Context le_conn_rsp Handling | zephyrproject-rtos | Zephyr | Medium | 4.3 | 2025-09-19 05:17:40 | Deep Dive |
| CVE-2025-2962 | Infinite loop in dns_copy_qname | zephyrproject-rtos | Zephyr | High | 7.5 | 2025-06-24 05:32:11 | Deep Dive |
| CVE-2025-1675 | Out of bounds read in dns_copy_qname | zephyrproject-rtos | Zephyr | High | 8.2 | 2025-02-25 07:22:36 | Deep Dive |
| CVE-2025-1674 | Out of bounds read when unpacking DNS answers | zephyrproject-rtos | Zephyr | High | 8.2 | 2025-02-25 07:18:52 | Deep Dive |
| CVE-2025-1673 | Out of bounds read when calling crc16_ansi and strlen in dns_validate_msg | zephyrproject-rtos | Zephyr | High | 8.2 | 2025-02-25 07:12:13 | Deep Dive |
| CVE-2024-10395 | net: lib: http_server: Buffer Under-read | zephyrproject-rtos | Zephyr | High | 8.6 | 2025-02-03 06:59:22 | Deep Dive |