CVE-2026-5066 | zephyrproject-rtos Zephyr up to 4.3 sockets_tls.c tls_session_store/tls_session_restore out-of-bounds write (GHSA-wgrc-jrf6-24f3 / EUVD-2026-34324)

A vulnerability classified as critical was found in zephyrproject-rtos Zephyr up to 4.3. This impacts the function tls_session_store/tls_session_restore of the file subsys/net/lib/sockets/sockets_tls.c. Executing a manipulation can lead to out-of-bounds write.

This vulnerability is registered as CVE-2026-5066. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More