CVE-2026-10637 | zephyrproject zephyr up to 4.4.x Packet Interface subsys/net/ip/ipv6_mld.c mld_send use after free (GHSA-m23w-34pp-4h92)

Inserito da Angelo Barbosa | Giu 16, 2026 | CVE

A vulnerability classified as critical was found in zephyrproject zephyr up to 4.4.x. Affected by this issue is the function mld_send of the file subsys/net/ip/ipv6_mld.c of the component Packet Interface. Executing a manipulation can lead to use after free.

This vulnerability is registered as CVE-2026-10637. The attack requires access to the local network. No exploit is available.

Upgrading the affected component is advised.

CVE-2026-10637 | zephyrproject zephyr up to 4.4.x Packet Interface subsys/net/ip/ipv6_mld.c mld_send use after free (GHSA-m23w-34pp-4h92)

Post correlati

CVE-2023-50783 | Apache Airflow up to 2.7.x Variable access control

CVE-2026-10287 | SourceCodester SEO Meta Tag Extractor 1.0 /index.php get_headers url server-side request forgery

CVE-2024-50671 | Adapt Learning Adapt Authoring Tool up to 0.11.3 Get Users access control

CVE-2025-58148 | Xen Viridian Hypercall send_ipi out-of-bounds