CVE-2026-10638 | zephyrproject zephyr up to 4.4.x Network Interface subsys/net/ip/icmpv6.c net_try_send_data use after free (GHSA-m92g-94xv-wvw2)

A vulnerability described as critical has been identified in zephyrproject zephyr up to 4.4.x. The impacted element is the function net_try_send_data of the file subsys/net/ip/icmpv6.c of the component Network Interface. The manipulation results in use after free.

This vulnerability is cataloged as CVE-2026-10638. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More