CVE-2026-10660 | Zephyr Project up to 4.4.x Broadcast Assistant bap_broadcast_assistant.c notify_handler offset out-of-bounds write
A vulnerability described as critical has been identified in Zephyr Project Zephyr up to 4.4.x. This affects the function notify_handler of the file subsys/bluetooth/audio/bap_broadcast_assistant.c of the component Broadcast Assistant. Executing a manipulation of the argument offset can lead to out-of-bounds write.
This vulnerability is registered as CVE-2026-10660. It is possible to launch the attack remotely. No exploit is available.VulDB Recent EntriesRead More