CVE-2025-68656 | Espressif esp-usb up to 1.0.x usb_class_request_get_descriptor use after free

Inserito da Angelo Barbosa | Gen 12, 2026 | CVE

A vulnerability marked as critical has been reported in Espressif esp-usb up to 1.0.x. This affects the function usb_class_request_get_descriptor. Performing a manipulation results in use after free.

This vulnerability is identified as CVE-2025-68656. The attack may be carried out on the physical device. There is not any exploit available.

It is suggested to upgrade the affected component.

CVE-2025-68656 | Espressif esp-usb up to 1.0.x usb_class_request_get_descriptor use after free

Post correlati

CVE-2024-0547 | Ability FTP Server 2.34 APPE Command denial of service (ID 163079)

CVE-2025-68151 | CoreDNS up to 1.13.x allocation of resources (WID-SEC-2026-0047)

CVE-2025-8371 | code-projects Exam Form Submission 1.0 /admin/update_s5.php credits sql injection

CVE-2024-11200 | Goodlayers Core Plugin up to 2.0.7 on WordPress font-family cross site scripting