espressif

Top products

The 15 most recently published vulnerabilities affecting espressif.

• CVE-2026-46532ESF-IDF: Heap Out-of-Bounds Read in Bluedroid AVRCP Target Parser4.6Jun 10, 2026
• CVE-2026-45542ESF-IDF: Heap buffer overflow in protocomm Security2 over Bluetooth7.1Jun 10, 2026
• CVE-2026-45329ESF-IDF: Out-of-Bounds Read in ESP-TEE Secure Service Wrappers7.1Jun 10, 2026
• CVE-2026-45328ESF-IDF: Out-of-Bounds Write in ESP-TEE Secure Service Wrappers9.3Jun 10, 2026
• CVE-2026-45160ESF-IDF: Out-of-bounds Read in lwIP DHCP Server Option Parser6.5Jun 10, 2026
• CVE-2026-45541ESF-IDF: Remote Null Pointer Dereference in WebSocket Server7.5Jun 10, 2026
• CVE-2026-44358Espressif Shared GitHub DangerJS: Untrusted Search Path in DangerJS Action Entrypoint8.2May 28, 2026
• CVE-2026-42854arduino-esp32: Stack buffer overflow in WebServer multipart boundary parsing leads to remote crash potential RCE9.8May 12, 2026
• CVE-2026-42855arduino-esp32: Digest authentication URI mismatch bypass in WebServer allows cross-resource replay attack7.5May 12, 2026
• CVE-2026-41429Improper validation of NBNS name_len in arduino-esp32 NetBIOS leads to memory corruption8.8Apr 24, 2026
• CVE-2026-25508ESF-IDF Has Memory Safety Vulnerabilities in BLE Provisioning6.3Feb 4, 2026
• CVE-2026-25507ESF-IDF Has Use-after-free Vulnerability in BLE Provisioning6.3Feb 4, 2026
• CVE-2026-25532ESF-IDF is Vulnerable to WPS Enrollee Fragment Integer Underflow6.3Feb 4, 2026
• CVE-2025-68657espressif/usb_host_hid Double-Free Race Condition in USB Host HID Device Close Path6.4Jan 12, 2026
• CVE-2025-68656Espressif ESP-IDF USB Host HID (Human Interface Device) Driver Descriptor Use-After-Free Vulnerability6.8Jan 12, 2026