CVE-2026-37537
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-37537
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
collin80/Open-SAE-J1939 thru commit 744024d4306bc387857dfce439558336806acb06 (2023-03-08) contains an integer underflow leading to out-of-bounds write in Transport Protocol Data Transfer handling. At line 23: uint8_t index = data[0] - 1. When data[0] (sequence number from CAN frame) is 0, index underflows to 255. Subsequent write at tp_dt->data[255*7 + i-1] reaches offset 1791, exceeding the MAX_TP_DT buffer (1785 bytes) by 6 bytes.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2026-37537
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-37537
Please Login to view more intelligence information
Same Patch Batch · n/a · 2026-05-01 · 53 CVEs total
| CVE-2026-37541 | 10.0 CRITICAL | OVMS3 3.3.005缓冲区溢出漏洞 |
| CVE-2026-37539 | 9.8 CRITICAL | Cannelloni v2.0.0缓冲区溢出漏洞 |
| CVE-2026-37531 | 9.8 CRITICAL | AGL app-framework-main Zip Slip漏洞 |
| CVE-2026-37536 | 8.8 HIGH | uds-c栈缓冲区溢出漏洞 |
| CVE-2026-37552 | 8.4 HIGH | MixPHP 2.x反序列化导致远程代码执行 |
| CVE-2026-37540 | 8.4 HIGH | OpenAMP v2025.10.0 ELF加载器整数溢出漏洞 |
| CVE-2026-37526 | 7.8 HIGH | AGL app-framework-binder v19.90.0 本地提权漏洞 |
| CVE-2026-37525 | 7.8 HIGH | AGL app-framework-binder v19.90.0权限提升漏洞 |
| CVE-2026-37554 | 7.5 HIGH | Vanetza V2X v26.02拒绝服务漏洞 |
| CVE-2026-7598 | 7.3 HIGH | libssh2 userauth.c userauth_password integer overflow |
| CVE-2026-37535 | 7.1 HIGH | isotp-c未验证长度致越界读,可致DoS或信息泄露 |
| CVE-2026-37532 | 7.1 HIGH | AGL agl-service-can-low-level <=17.1.12存在堆缓冲区过度读取漏洞 |
| CVE-2026-37503 | 6.9 MEDIUM | V2Board<=1.7.4跨站脚本漏洞 |
| CVE-2026-7536 | 5.3 MEDIUM | Open5GS BSF pcfBindings bsf_sess_add_by_ip_address denial of service |
| CVE-2026-7580 | 5.3 MEDIUM | Exiftool JPEG/QuickTime/MOV/MP4 GM.pm Process_mrld code injection |
| CVE-2026-37504 | 5.3 MEDIUM | V2Board 1.7.4及以下版本敏感信息泄露 |
| CVE-2026-37505 | 4.9 MEDIUM | V2Board<=1.7.4管理后台SQL注入漏洞 |
| CVE-2026-7578 | 4.7 MEDIUM | MacCMS Pro Plugin Installation add.html install unrestricted upload |
| CVE-2026-7587 | 4.3 MEDIUM | Open5GS AMF nsmf-handler.c amf_nsmf_pdusession_handle_update_sm_context denial of service |
| CVE-2026-7518 | 4.3 MEDIUM | Open5GS AMF SBI Endpoint sdmsubscription-notify amf_namf_callback_handle_sdm_data_change_n |
Showing top 20 of 53 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-6667
PgBouncer missing authorization check in KILL_CLIENT admin c - CVE-2026-6666
PgBouncer crash in kill_pool_logins_server_error - CVE-2026-6665
PgBouncer buffer overflow in SCRAM - CVE-2026-6664
PgBouncer integer overflow in PgBouncer network packet parsi - CVE-2026-8127
eladmin Users API Endpoint UserController.java checkLevel ac
V. Comments for CVE-2026-37537
No comments yet