CVE-2026-5067 | zephyrproject-rtos Zephyr up to 4.3.0 WebSocket Upgrade strlen null termination (GHSA-wgr4-9pwq-94vj)

Inserito da Angelo Barbosa | Giu 9, 2026 | CVE

A vulnerability categorized as very critical has been discovered in zephyrproject-rtos Zephyr up to 4.3.0. This affects the function strlen of the component WebSocket Upgrade Handler. Executing a manipulation can lead to improper null termination.

The identification of this vulnerability is CVE-2026-5067. The attack may be launched remotely. There is no exploit available.

CVE-2026-5067 | zephyrproject-rtos Zephyr up to 4.3.0 WebSocket Upgrade strlen null termination (GHSA-wgr4-9pwq-94vj)

Post correlati

CVE-2023-50424 | SAP cloud-security-client-go up to 0.16.x authorization

CVE-2023-50734 | Lexmark CX331adwe make42charstring stack-based overflow

CVE-2025-6713 | MongoDB Server up to 6.0.21/7.0.19/8.0.6 mergeCursors improper authorization

CVE-2025-26974 | WPExperts WP Multi Store Locator Plugin up to 2.5.1 on WordPress sql injection