Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

zephyrproject-rtos — Vulnerabilities & Security Advisories 130

Browse all 130 CVE security advisories affecting zephyrproject-rtos. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Zephyr Project is an open-source real-time operating system designed for constrained, resource-limited devices, primarily serving the Internet of Things and embedded systems sectors. Its architecture supports diverse hardware architectures, enabling developers to build secure, scalable applications for wearables, medical devices, and industrial sensors. Historically, the codebase has exhibited vulnerabilities typical of complex C-based systems, including buffer overflows, use-after-free errors, and improper input validation, which can lead to remote code execution or privilege escalation. While no single catastrophic incident has defined its history, the high volume of recorded CVEs highlights the challenges of maintaining security in a rapidly evolving, community-driven project. The RTOS relies on rigorous code review and automated testing to mitigate risks, yet its widespread adoption in critical infrastructure necessitates continuous vigilance against exploitation of memory safety flaws and configuration weaknesses.

Found 130 results / 130Clear Filters
Top products by zephyrproject-rtos: zephyr
CVE IDTitleCVSSSeverityPublished
CVE-2026-13351 net: Maliciously fragmented IPv6 packets can prevent receiving/processing future incoming packets — ZephyrCWE-772 7.5 High2026-06-25
CVE-2026-10658 Bluetooth Host ISO RX Missing SDU Header Length Validation in bt_iso_recv() Leads to DoS — Zephyr 7.1 High2026-06-22
CVE-2026-10651 Bluetooth Classic SDP parser truncation bug in bt_sdp_parse_attribute() leads to reachable assertion and possible out-of-bounds read — ZephyrCWE-20 7.1 High2026-06-22
CVE-2026-10645 fs: ext2: Missing structural validation of directory entries can cause out-of-bounds read and zero-progress directory traversal — ZephyrCWE-125 4.9 Medium2026-06-22
CVE-2026-5068 bt: l2cap le coc: remote oob write via seg counter stored in net_buf user_data — ZephyrCWE-787 7.6 High2026-06-09
CVE-2026-5067 Out-of-bounds read/write in HTTP WebSocket upgrade via non-null-terminated Sec-WebSocket-Key — ZephyrCWE-170 9.8 Critical2026-06-09
CVE-2026-5066 net: sockets: tls: Potential out-of-bounds write/read in socket_op_vtable::connect function — ZephyrCWE-787 6.3 Medium2026-06-04
CVE-2026-5589 Out-of-bounds write caused by an integer underflow in the Bluetooth Mesh subsystem. — ZephyrCWE-787--2026-06-04
CVE-2026-5071 can: Local Denial of Service via SocketCAN Send — ZephyrCWE-125 6.1 Medium2026-05-30
CVE-2026-5072 ptp: Potential Denial of Service via PTP Interval Shift — Zephyr--2026-05-22
CVE-2026-1681 net: Stack Overflow with Ping (to own IP Address) via Shell — ZephyrCWE-674 6.1 Medium2026-05-12
CVE-2026-1677 net: TLS 1.2 connections allowed on TLS 1.3 sockets — ZephyrCWE-757 5.3 Medium2026-05-11
CVE-2026-5590 net: ip/tcp: Null pointer dereference can be triggered by a race condition — ZephyrCWE-476 6.4 Medium2026-04-05
CVE-2026-1679 net: eswifi socket send payload length not bounded — ZephyrCWE-120 7.3 High2026-03-27
CVE-2026-4179 stm32: usb: Infinite while loop in Interrupt Handler — ZephyrCWE-835 6.1 Medium2026-03-14
CVE-2026-0849 crypto: ATAES132A response length allows stack buffer overflow — ZephyrCWE-120 3.8 Low2026-03-14
CVE-2026-1678 dns: memory‑safety issue in the DNS name parser — ZephyrCWE-787 9.4 Critical2026-03-05
CVE-2025-12899 net: icmp: Out of bound memory read — ZephyrCWE-843 6.5 Medium2026-01-30
CVE-2025-12035 Bluetooth: Integer Overflow in Bluetooth Classic (BR/EDR) L2CAP — ZephyrCWE-190 6.5 Medium2025-12-15
CVE-2025-9557 Bluetooth: Mesh: Out-of-Bound Write in gen_prov_cont — ZephyrCWE-120 7.6 High2025-11-26
CVE-2025-9558 Bluetooth: Mesh: Out-of-Bound Write in gen_prov_start — ZephyrCWE-120 7.6 High2025-11-26
CVE-2025-9408 Userspace privilege escalation vulnerability on Cortex M — ZephyrCWE-270 8.2 High2025-11-11
CVE-2025-12890 Bluetooth: peripheral: Invalid handling of malformed connection request — ZephyrCWE-703 6.5 Medium2025-11-07
CVE-2025-10456 Bluetooth: Semi-Arbitrary ability to make the BLE Target send disconnection requests — ZephyrCWE-190 7.1 High2025-09-19
CVE-2025-10458 Bluetooth: le_conn_rsp does not sanitize CID, MTU, MPS values — ZephyrCWE-130 7.6 High2025-09-19
CVE-2025-7403 Bluetooth: bt_conn_tx_processor unsafe handling — ZephyrCWE-123 7.6 High2025-09-19
CVE-2025-10457 Bluetooth: Out-Of-Context le_conn_rsp Handling — ZephyrCWE-358 4.3 Medium2025-09-19
CVE-2025-2962 Infinite loop in dns_copy_qname — ZephyrCWE-835 8.2 High2025-06-24
CVE-2025-1675 Out of bounds read in dns_copy_qname — ZephyrCWE-125 8.2 High2025-02-25
CVE-2025-1674 Out of bounds read when unpacking DNS answers — ZephyrCWE-125 8.2 High2025-02-25

This page lists every published CVE security advisory associated with zephyrproject-rtos. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.