CVE-2026-23747— Golioth Firmware SDK < 0.22.0 Payload Utils Stack-based Buffer Overflow
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-23747
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Golioth Firmware SDK < 0.22.0 Payload Utils Stack-based Buffer Overflow
Source: NVD (National Vulnerability Database)
Vulnerability Description
Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit 48f521b, contain a stack-based buffer overflow in Payload Utils. The golioth_payload_as_int() and golioth_payload_as_float() helpers copy network-supplied payload data into fixed-size stack buffers using memcpy() with a length derived from payload_size. The only length checks are guarded by assert(); in release builds, the asserts are compiled out and memcpy() may copy an unbounded payload_size. Payloads larger than 12 bytes (int) or 32 bytes (float) can overflow the stack, resulting in a crash/denial of service. This is reachable via LightDB State on_payload with a malicious server or MITM.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
栈缓冲区溢出
Source: NVD (National Vulnerability Database)
Vulnerability Title
Golioth Firmware SDK 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Golioth Firmware SDK是Golioth开源的一个软件开发工具包。 Golioth Firmware SDK 0.10.0至0.22.0之前版本存在安全漏洞,该漏洞源于Payload Utils中存在基于栈的缓冲区溢出,可能导致崩溃或拒绝服务。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Golioth | Firmware SDK | 0.10.0 ~ 0.22.0 | - |
II. Public POCs for CVE-2026-23747
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-23747
请登录查看更多情报信息。
- Four Memory Safety Vulnerabilities in Golioth's IoT Firmware - SecMate Blogtechnical-descriptionexploit
- https://nvd.nist.gov/vuln/detail/CVE-2026-23747
Same Patch Batch · Golioth · 2026-02-26 · 4 CVEs total
| CVE-2026-23750 | 8.1 HIGH | Golioth Pouch < [INSERT FIXED VERSION] BLE GATT Heap-based Buffer Overflow |
| CVE-2026-23748 | 3.7 LOW | Golioth Firmware SDK < 0.22.0 LightDB State Out-of-Bounds Read |
| CVE-2026-23749 | 2.9 LOW | Golioth Firmware SDK < 0.22.0 Blockwise Transfer Path Out-of-Bounds Read |
IV. Related Vulnerabilities
Same weakness: CWE-121
- CVE-2026-8258
Squirrel sqstdstring.cpp validate_format stack-based overflo - CVE-2026-8234
EFM ipTIME A8004T WifiBasicSet formWifiBasicSet stack-based - CVE-2026-6665
PgBouncer buffer overflow in SCRAM - CVE-2026-41509
Integer underflow in crypto_sign_open() leads to buffer over - CVE-2026-8138
Tenda CX12L SetPptpServerCfg” formSetPPTPServer stack-based
V. Comments for CVE-2026-23747
No comments yet