Tuya — Vulnerabilities & Security Advisories 6

Browse all 6 CVE security advisories affecting Tuya. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Tuya:arduino-TuyaOpen SDK App

CVE ID	Title	CVSS	Severity	Published
CVE-2026-28522	arduino-TuyaOpen WiFiUDP Null Pointer Dereference Denial of Service — arduino-TuyaOpenCWE-476	6.5	Medium	2026-03-15
CVE-2026-28519	arduino-TuyaOpen DnsServer Heap-Based Buffer Overflow Remote Code Execution — arduino-TuyaOpenCWE-122	8.8	High	2026-03-15
CVE-2026-28521	arduino-TuyaOpen TuyaIoT Out-of-Bounds Memory Read Information Disclosure — arduino-TuyaOpenCWE-125	7.7	High	2026-03-15
CVE-2026-28520	arduino-TuyaOpen WiFiMulti Single-Byte Buffer Overflow Remote Code Execution — arduino-TuyaOpenCWE-193	8.4	High	2026-03-15
CVE-2026-3465	Tuya App/SDK JSON Data Point denial of service — AppCWE-404	3.1	Low	2026-03-03
CVE-2024-3764	Tuya SDK MQTT Packet denial of service — SDKCWE-404	2.7	Low	2024-04-14

This page lists every published CVE security advisory associated with Tuya. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Tuya — Vulnerabilities & Security Advisories 6