RIOT — Vulnerabilities & Security Advisories 22

All 22 CVE vulnerabilities found in RIOT, with AI-generated Chinese analysis, references, and POCs.

Vendor: RIOT-OS

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-27703 | RIOT has an Out-of-Bounds Write in nanoCoAP Handler | CWE-787 | 7.5 | High | 2026-03-11 |
| CVE-2026-25139 | RIOT Vulnerable to Multiple Out-of-Bounds Read When Processing Received 6LoWPAN SFR Fragments | CWE-125 | 9.1 (AI) | Critical (AI) | 2026-02-04 |
| CVE-2025-66647 | RIOT OS has buffer overflow in gnrc_ipv6_ext_frag_reass | CWE-120 | 7.2 (AI) | High (AI) | 2025-12-17 |
| CVE-2025-66646 | RIOT-OS has NULL pointer dereference in gnrc_ipv6_ext_frag_reass | CWE-476 | 7.5 (AI) | High (AI) | 2025-12-17 |
| CVE-2025-53888 | RIOT-OS has an ineffective size check that can lead to buffer overflow in link layer address filter /sys/net/link_layer/l2filter/l2filter.c | CWE-120 | 9.8 | - | 2025-07-18 |
| CVE-2024-53980 | Spoofed length byte traps CC2538 in endless loop | CWE-835 | 6.5 | - | 2024-11-29 |
| CVE-2024-52802 | RIOT-OS missing dhcpv6_opt_t minimum header length check | CWE-20 | 7.5 | High | 2024-11-22 |
| CVE-2024-32018 | Ineffective size check due to assert() and buffer overflow in RIOT | CWE-120 | 8.8 | High | 2024-05-01 |
| CVE-2024-32017 | Buffer overflows in RIOT | CWE-120 | 9.8 | Critical | 2024-05-01 |
| CVE-2024-31225 | Lack of size check and buffer overflow in RIOT | CWE-120 | 8.4 | High | 2024-05-01 |
| CVE-2023-33975 | RIOT-OS vulnerable to Out of Bounds Write in _rbuf_add | CWE-119 | 9.8 | Critical | 2023-05-30 |
| CVE-2023-33974 | RIOT-OS vulnerable to Race Condition in SFR Timeout | CWE-362 | 7.5 | High | 2023-05-30 |
| CVE-2023-33973 | RIOT-OS vulnerable to NULL pointer dereference during NHC encoding | CWE-476 | 7.5 | High | 2023-05-30 |
| CVE-2023-24826 | Usage of Uninitialized Timer during forwarding of Fragments with SFR | CWE-824 | 5.9 | Medium | 2023-05-30 |
| CVE-2023-24825 | RIOT-OS vulnerable to NULL pointer dereference in gnrc_pktbuf_mark | CWE-252 | 7.5 | High | 2023-05-30 |
| CVE-2023-24817 | RIOT-OS vulnerable to Out of Bounds write in routing with SRH | CWE-119 | 7.5 | High | 2023-05-30 |
| CVE-2023-24823 | RIOT-OS vulnerable to Packet Type Confusion during IPHC send | CWE-787 | 9.8 | Critical | 2023-04-24 |
| CVE-2023-24822 | RIOT-OS vulnerable to Null Pointer dereference during IPHC encoding | CWE-476 | 7.5 | High | 2023-04-24 |
| CVE-2023-24821 | RIOT-OS vulnerable to Integer Underflow during defragmentation | CWE-191 | 7.5 | High | 2023-04-24 |
| CVE-2023-24820 | RIOT-OS vulnerable to Integer Underflow during IPHC receive | CWE-191 | 7.5 | High | 2023-04-24 |
| CVE-2023-24819 | RIOT-OS vulnerable to Buffer Overflow during IPHC receive | CWE-131 | 9.8 | Critical | 2023-04-24 |
| CVE-2023-24818 | RIOT-OS vulnerable to null pointer dereference during fragment forwarding | CWE-476 | 7.5 | High | 2023-04-24 |