All 4 CVE vulnerabilities found in arduino-esp32, with AI-generated Chinese analysis, references, and POCs.
Vendor: espressif
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-41429 | Improper validation of NBNS name_len in arduino-esp32 NetBIOS leads to memory corruption CWE-121 | 8.8 | High | 2026-04-24 |
| CVE-2025-53540 | CSRF Vulnerability in Firmware Update Endpoints Allows Remote Code Execution CWE-352 | 8.8AI | HighAI | 2025-07-07 |
| CVE-2025-53007 | arduino-esp32 vulnerable to CRLF injection in WebServer.cpp CWE-113 | 7.5AI | HighAI | 2025-06-26 |
| CVE-2024-45798 | Multiple Poisoned Pipeline Execution (PPE) vulnerabilities CWE-20 | 10.0 | Critical | 2024-09-17 |
All 4 known CVE vulnerabilities affecting arduino-esp32 with full Chinese analysis, references, and POCs where available.