A vulnerability was found in zephyrproject zephyr up to 4.4.x. It has been classified as critical. The impacted element is the function
nrf_wifi_event_proc_get_power_save_info of the file drivers/wifi/nrf_wifi/src/wifi_mgmt.c of the component Power-Save Event Handler. The manipulation of the argument num_twt_flows leads to out-of-bounds write.
This vulnerability is traded as CVE-2026-10664. An attack has to be approached locally. There is no exploit available.