CVE-2026-28526 | BlueKitchen BTstack up to 1.8.0 AVRCP Controller Count out-of-bounds

A vulnerability was found in BlueKitchen BTstack up to 1.8.0 and classified as problematic. Affected by this issue is the function LIST_PLAYER_APPLICATION_SETTING_ATTRIBUTES/LIST_PLAYER_APPLICATION_SETTING_VALUES of the component AVRCP Controller. Executing a manipulation of the argument Count can lead to out-of-bounds read.

This vulnerability is registered as CVE-2026-28526. The attack requires access to the local network. No exploit is available.

It is suggested to upgrade the affected component.

CVE-2026-28526 | BlueKitchen BTstack up to 1.8.0 AVRCP Controller Count out-of-bounds

Post correlati

CVE-2024-43408 | discourse-placeholder-theme-component cross site scripting (GHSA-9wx4-cmv3-g5jw)

CVE-2025-68996 | WebCodingPlace Responsive Posts Carousel Pro Plugin up to 15.1 on WordPress filename control

CVE-2022-4963 | Folio Spring Module Core up to 1.1.5 Schema Name HibernateSchemaService.java dropSchema sql injection (FOLIO-3645)

CVE-2024-36728 | TRENDnet TEW-827DRU up to 2.06B04 Setting apply.cgi vlan_setting dns1/dns2 stack-based overflow