CVE-2026-28527 | BlueKitchen BTstack up to 1.8.0 AVRCP Controller out-of-bounds

Inserito da Angelo Barbosa | Mar 30, 2026 | CVE

A vulnerability was found in BlueKitchen BTstack up to 1.8.0. It has been classified as problematic. This affects the function GET_PLAYER_APPLICATION_SETTING_ATTRIBUTE_TEXT/GET_PLAYER_APPLICATION_SETTING_VALUE_TEXT of the component AVRCP Controller. The manipulation leads to out-of-bounds read.

This vulnerability is documented as CVE-2026-28527. The attack requires being on the local network. There is not any exploit available.

Upgrading the affected component is recommended.

CVE-2026-28527 | BlueKitchen BTstack up to 1.8.0 AVRCP Controller out-of-bounds

Post correlati

CVE-2024-24245 | Canimaan ClamXAV up to 3.6.1 Helper Tool Local Privilege Escalation

CVE-2024-13327 | Musicbox Plugin up to 2.0.3 on WordPress cross site scripting

CVE-2025-27640 | Vasion Print Virtual Appliance Host sql injection

CVE-2024-36424 | K7 Ultimate Security 16.0.0117 K7RKScan.sys null pointer dereference