CVE-2026-23750— Golioth Pouch < [INSERT FIXED VERSION] BLE GATT Heap-based Buffer Overflow
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-23750
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Golioth Pouch < [INSERT FIXED VERSION] BLE GATT Heap-based Buffer Overflow
Source: NVD (National Vulnerability Database)
Vulnerability Description
Golioth Pouch version 0.1.0, prior to commit 1b2219a1, contains a heap-based buffer overflow in BLE GATT server certificate handling. server_cert_write() allocates a heap buffer of size CONFIG_POUCH_SERVER_CERT_MAX_LEN when receiving the first fragment, then appends subsequent fragments using memcpy() without verifying that sufficient capacity remains. An adjacent BLE client can send unauthenticated fragments whose combined size exceeds the allocated buffer, causing a heap overflow and crash; integrity impact is also possible due to memory corruption.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
堆缓冲区溢出
Source: NVD (National Vulnerability Database)
Vulnerability Title
pouch 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
pouch是Golioth开源的一种非IP协议。 pouch 0.1.0版本存在安全漏洞,该漏洞源于BLE GATT服务器证书处理中存在基于堆的缓冲区溢出,可能导致堆溢出和崩溃。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-23750
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-23750
请登录查看更多情报信息。
- Four Memory Safety Vulnerabilities in Golioth's IoT Firmware - SecMate Blogtechnical-descriptionexploit
- https://nvd.nist.gov/vuln/detail/CVE-2026-23750
Same Patch Batch · Golioth · 2026-02-26 · 4 CVEs total
| CVE-2026-23748 | 3.7 LOW | Golioth Firmware SDK < 0.22.0 LightDB State Out-of-Bounds Read |
| CVE-2026-23747 | 3.7 LOW | Golioth Firmware SDK < 0.22.0 Payload Utils Stack-based Buffer Overflow |
| CVE-2026-23749 | 2.9 LOW | Golioth Firmware SDK < 0.22.0 Blockwise Transfer Path Out-of-Bounds Read |
IV. Related Vulnerabilities
Same weakness: CWE-122
- CVE-2026-8261
Squirrel sqobject.cpp Load heap-based overflow - CVE-2026-8213
OSGeo gdal Grid File GDapi.c GDSDfldsrch heap-based overflow - CVE-2026-8212
OSGeo gdal SWapi.c SWSDfldsrch heap-based overflow - CVE-2026-42309
Pillow: Heap buffer overflow with nested list coordinates - CVE-2026-45130
Vim: Heap Buffer Overflow in spell file loading
V. Comments for CVE-2026-23750
No comments yet