CVE-2026-10636 | zephyrproject zephyr up to 4.4.x Network Interface subsys/net/ip/igmp.c igmp_send use after free (GHSA-fj6q-975v-65c9)

Inserito da Angelo Barbosa | Giu 16, 2026 | CVE

A vulnerability classified as critical has been found in zephyrproject zephyr up to 4.4.x. Affected by this vulnerability is the function igmp_send of the file subsys/net/ip/igmp.c of the component Network Interface. Performing a manipulation results in use after free.

This vulnerability is cataloged as CVE-2026-10636. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2026-10636 | zephyrproject zephyr up to 4.4.x Network Interface subsys/net/ip/igmp.c igmp_send use after free (GHSA-fj6q-975v-65c9)

Post correlati

CVE-2024-58263 | CosmWasm cosmwasm-std Crate up to 1.4.3/1.5.3/2.0.1 on Rust integer overflow (RUSTSEC-2024-0338)

CVE-2024-4974 | code-projects Simple Chat System 1.0 /register.php name cross site scripting

CVE-2023-51436 | Japan System Techniques Universal Passport RX up to 1.0.8 cross site scripting

CVE-2023-53560 | Linux Kernel up to 6.4.4 hist_vars use after free