A vulnerability was found in zephyrproject zephyr up to 4.4.x and classified as very critical. This affects the function eth_adin2111_oa_data_read of the file drivers/ethernet/eth_adin2111.c of the component Ethernet Driver. Executing a manipulation of the argument scur/len can lead to out-of-bounds write.

This vulnerability appears as CVE-2026-10673. The attack may be performed from remote. There is no available exploit.