CVE-2026-25532 | Espressif ESP-IDF 5.1.6/5.2.6/5.3.4/5.4.3/5.5.2 wpabuf_put_data frag_len integer underflow (GHSA-m2h2-683f-9mw7)

Inserito da Angelo Barbosa | Feb 4, 2026 | CVE

A vulnerability classified as problematic was found in Espressif ESP-IDF 5.1.6/5.2.6/5.3.4/5.4.3/5.5.2. This impacts the function wpabuf_put_data. Executing a manipulation of the argument frag_len can lead to integer underflow.

This vulnerability is handled as CVE-2026-25532. The attack can only be done within the local network. There is not any exploit available.

Upgrading the affected component is advised.

CVE-2026-25532 | Espressif ESP-IDF 5.1.6/5.2.6/5.3.4/5.4.3/5.5.2 wpabuf_put_data frag_len integer underflow (GHSA-m2h2-683f-9mw7)

Post correlati

CVE-2024-7485 | Traffic Manager Plugin up to 1.4.5 on WordPress cross site scripting

CVE-2025-0708 | fumiao opencms 2.2 Add Model Management Page /admin/model/addOrUpdate 模板前缀 cross site scripting (IBI2XM)

CVE-2023-38723 | IBM Maximo Asset Management 7.6.1.3 Web UI cross site scripting (XFDB-262192)

CVE-2025-7767 | PHPGurukul Art Gallery Management System 1.1 edit-art-medium-detail.php artmed cross site scripting