Browse all 14 CVE security advisories affecting meshtastic. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Meshtastic is an open-source mesh networking platform enabling long-range communication between devices. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation issues, with 14 CVEs documented. Security concerns center on insecure default configurations and inadequate input validation in web interfaces. While no major public incidents have been widely reported, the platform's reliance on user-provided nodes and its decentralized nature present inherent security challenges. The project has gradually improved security practices, but users must remain vigilant about potential exploitation risks, particularly in internet-exposed deployments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-52883 | Meshtastic-Android vulnerable to forged DMs with no PKC showing up as encrypted — Meshtastic-AndroidCWE-1287 | 5.3 | Medium | 2025-06-24 |
This page lists every published CVE security advisory associated with meshtastic. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.