Esp-idf

This hub aggregates every CVE we track for Esp-idf, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Esp-idf.

• CVE-2026-46532ESF-IDF: Heap Out-of-Bounds Read in Bluedroid AVRCP Target Parser4.6Jun 10, 2026
• CVE-2026-45542ESF-IDF: Heap buffer overflow in protocomm Security2 over Bluetooth7.1Jun 10, 2026
• CVE-2026-45329ESF-IDF: Out-of-Bounds Read in ESP-TEE Secure Service Wrappers7.1Jun 10, 2026
• CVE-2026-45328ESF-IDF: Out-of-Bounds Write in ESP-TEE Secure Service Wrappers9.3Jun 10, 2026
• CVE-2026-45160ESF-IDF: Out-of-bounds Read in lwIP DHCP Server Option Parser6.5Jun 10, 2026
• CVE-2026-45541ESF-IDF: Remote Null Pointer Dereference in WebSocket Server7.5Jun 10, 2026
• CVE-2026-25508ESF-IDF Has Memory Safety Vulnerabilities in BLE Provisioning6.3Feb 4, 2026
• CVE-2026-25507ESF-IDF Has Use-after-free Vulnerability in BLE Provisioning6.3Feb 4, 2026
• CVE-2026-25532ESF-IDF is Vulnerable to WPS Enrollee Fragment Integer Underflow6.3Feb 4, 2026
• CVE-2025-68474ESF-IDF Has Out-of-Bounds Write in ESP32 Bluetooth AVRCP Vendor Command Handling7.6Dec 26, 2025
• CVE-2025-68473ESF-IDF Has Out-of-Bounds Read in ESP32 Bluetooth SDP Result Handling8.6Dec 26, 2025
• CVE-2025-66409ESF-IDF has an Out-of-Bounds Read in ESP32 Bluetooth AVRCP Command Handling9.1Dec 2, 2025
• CVE-2025-55297ESF-IDF BluFi Example Memory Overflow Vulnerability8.8Aug 21, 2025
• CVE-2025-52471ESP-NOW Integer Underflow Vulnerability Advisory9.8Jun 24, 2025
• CVE-2024-53406Espressif Esp idf v5.3.0 is vulnerable to Insecure Permissions resulting in Authentication bypass. In the reconnection phase, the device reuses the session key from a previous connection session, c...8.8Mar 13, 2025