Vulnerability Details Title: Buffer Overflow Package: node-bluetooth Severity: 7.3 (High) CVE: CVE-2023-26110 CWE: CWE-120 Introduced: 6 February 2023 Affected Versions All versions of are affected. How to Fix There is no fixed version for . Overview Affected versions of this package are vulnerable to Buffer Overflow via the method due to improper user input length validation. Proof of Concept (PoC) CVSS Base Scores Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None Scope (S): Unchanged Confidentiality (C): Low Integrity (I): Low Availability (A): Low Threat Intelligence Exploit Maturity: Proof of Concept EPSS: 0.15% (36th percentile) Vulnerability ID Snyk ID: SNYK-JS-NODEBLUETOOTH-3311821 Published: 8 March 2023 Disclosed: 6 February 2023 Credit: Raoul Scholtes, Giancarlo Pellegrino, Cris Staiuc