Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

zephyr — Vulnerabilities & Security Advisories 121

All 121 CVE vulnerabilities found in zephyr, with AI-generated Chinese analysis, references, and POCs.

This page aggregates security weaknesses for the Zephyr real-time operating system, a popular open-source kernel used in embedded devices. It compiles known vulnerability records from multiple authoritative sources to provide a centralized view of the threat landscape affecting this specific software product. The data collected spans a wide historical range, capturing both recent discoveries and legacy issues that have been publicly disclosed or patched by the vendor and third-party researchers. By consulting this aggregation, users can track Zephyr’s security advisories over time to understand the frequency and severity of reported flaws. Readers can also gain deeper insights into specific weakness classes, such as buffer overflows or race conditions, as they manifest within the Zephyr codebase. Additionally, the page allows for looking up a product’s vulnerability history, enabling developers and security analysts to assess the long-term stability and maintenance practices of the operating system. This resource is designed to support informed decision-making regarding deployment and patch management strategies. It serves as a factual reference point for anyone evaluating the security posture of Zephyr-based systems without subjective commentary or promotional content. The information is presented strictly for educational and operational awareness purposes.

Vendor: zephyrproject-rtos

CVE IDTitleCVSSSeverityPublished
CVE-2026-5072 ptp: Potential Denial of Service via PTP Interval Shift --2026-05-22
CVE-2026-1681 net: Stack Overflow with Ping (to own IP Address) via Shell CWE-674 6.1 Medium2026-05-12
CVE-2026-1677 net: TLS 1.2 connections allowed on TLS 1.3 sockets CWE-757 5.3 Medium2026-05-11
CVE-2026-5590 net: ip/tcp: Null pointer dereference can be triggered by a race condition CWE-476 6.4 Medium2026-04-05
CVE-2026-1679 net: eswifi socket send payload length not bounded CWE-120 7.3 High2026-03-27
CVE-2026-4179 stm32: usb: Infinite while loop in Interrupt Handler CWE-835 6.1 Medium2026-03-14
CVE-2026-0849 crypto: ATAES132A response length allows stack buffer overflow CWE-120 3.8 Low2026-03-14
CVE-2026-1678 dns: memory‑safety issue in the DNS name parser CWE-787 9.4 Critical2026-03-05
CVE-2025-12899 net: icmp: Out of bound memory read CWE-843 6.5 Medium2026-01-30
CVE-2025-12035 Bluetooth: Integer Overflow in Bluetooth Classic (BR/EDR) L2CAP CWE-190 6.5 Medium2025-12-15
CVE-2025-9557 Bluetooth: Mesh: Out-of-Bound Write in gen_prov_cont CWE-120 7.6 High2025-11-26
CVE-2025-9558 Bluetooth: Mesh: Out-of-Bound Write in gen_prov_start CWE-120 7.6 High2025-11-26
CVE-2025-9408 Userspace privilege escalation vulnerability on Cortex M CWE-270 8.2 High2025-11-11
CVE-2025-12890 Bluetooth: peripheral: Invalid handling of malformed connection request CWE-703 6.5 Medium2025-11-07
CVE-2025-10456 Bluetooth: Semi-Arbitrary ability to make the BLE Target send disconnection requests CWE-190 7.1 High2025-09-19
CVE-2025-10458 Bluetooth: le_conn_rsp does not sanitize CID, MTU, MPS values CWE-130 7.6 High2025-09-19
CVE-2025-7403 Bluetooth: bt_conn_tx_processor unsafe handling CWE-123 7.6 High2025-09-19
CVE-2025-10457 Bluetooth: Out-Of-Context le_conn_rsp Handling CWE-358 4.3 Medium2025-09-19
CVE-2025-2962 Infinite loop in dns_copy_qname CWE-835 8.2 High2025-06-24
CVE-2025-1675 Out of bounds read in dns_copy_qname CWE-125 8.2 High2025-02-25
CVE-2025-1674 Out of bounds read when unpacking DNS answers CWE-125 8.2 High2025-02-25
CVE-2025-1673 Out of bounds read when calling crc16_ansi and strlen in dns_validate_msg CWE-125 8.2 High2025-02-25
CVE-2024-10395 net: lib: http_server: Buffer Under-read CWE-127 8.6 High2025-02-03
CVE-2024-8798 Bluetooth: classic: avdtp: missing buffer length check CWE-122 7.5 High2024-12-15
CVE-2024-11263 arch: riscv: userspace: potential security risk when CONFIG_RISCV_GP=y CWE-270 9.4 Critical2024-11-15
CVE-2024-6444 Bluetooth: ots: missing buffer length check CWE-122 6.3 Medium2024-10-04
CVE-2024-6443 zephyr: out-of-bound read in utf8_trunc CWE-125 6.3 Medium2024-10-04
CVE-2024-6442 Bluetooth: ASCS Unchecked tailroom of the response buffer CWE-787 6.3 Medium2024-10-04
CVE-2024-6259 BT: HCI: adv_ext_report Improper discarding in adv_ext_report CWE-787 7.6 High2024-09-13
CVE-2024-6137 BT: Classic: SDP OOB access in get_att_search_list CWE-121 7.6 High2024-09-13

All 121 known CVE vulnerabilities affecting zephyr with full Chinese analysis, references, and POCs where available.