arduino-esp32 — Vulnerabilities & Security Advisories 6

All 6 CVE vulnerabilities found in arduino-esp32, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-42854	arduino-esp32: Stack buffer overflow in WebServer multipart boundary parsing leads to remote crash potential RCE CWE-121	9.8	Critical	2026-05-12
CVE-2026-42855	arduino-esp32: Digest authentication URI mismatch bypass in WebServer allows cross-resource replay attack CWE-287	7.5	High	2026-05-12
CVE-2026-41429	Improper validation of NBNS name_len in arduino-esp32 NetBIOS leads to memory corruption CWE-121	8.8	High	2026-04-24
CVE-2025-53540	CSRF Vulnerability in Firmware Update Endpoints Allows Remote Code Execution CWE-352	8.8^AI	High^AI	2025-07-07
CVE-2025-53007	arduino-esp32 vulnerable to CRLF injection in WebServer.cpp CWE-113	7.5^AI	High^AI	2025-06-26
CVE-2024-45798	Multiple Poisoned Pipeline Execution (PPE) vulnerabilities CWE-20	10.0	Critical	2024-09-17

All 6 known CVE vulnerabilities affecting arduino-esp32 with full Chinese analysis, references, and POCs where available.