CVE-2026-28525 | sbabic swupdate up to 2025.12 mongoose_multipart.c mg_http_multipart_continue_wait_for_chunk integer underflow

Inserito da Angelo Barbosa | Apr 23, 2026 | CVE

A vulnerability classified as problematic has been found in sbabic swupdate up to 2025.12. This impacts the function mg_http_multipart_continue_wait_for_chunk of the file mongoose_multipart.c. The manipulation leads to integer underflow.

This vulnerability is referenced as CVE-2026-28525. Remote exploitation of the attack is possible. No exploit is available.

It is suggested to install a patch to address this issue.

CVE-2026-28525 | sbabic swupdate up to 2025.12 mongoose_multipart.c mg_http_multipart_continue_wait_for_chunk integer underflow

Post correlati

CVE-2024-11595 | Wireshark up to 4.2.8/4.4.1 FiveCo RAP Dissector infinite loop

CVE-2024-30125 | HCL BigFix Compliance 2.0.x Status Code 500 denial of service (KB0113886)

CVE-2024-6320 | dwieeb ScrollTo Top Plugin up to 1.2.2 on WordPress options_page cross-site request forgery

CVE-2024-24806 | libuv up to 1.47.x src/unix/getaddrinfo.c uv_getaddrinfo server-side request forgery (GHSA-f74f-cvh7-c6q6)