CVE-2026-10672 | zephyrproject zephyr up to 4.4.x Firmware-Update lwm2m_pull_context.c lwm2m_parse_peerinfo uri out-of-bounds

SecurityVulns

A vulnerability was found in zephyrproject zephyr up to 4.4.x. It has been rated as critical. This vulnerability affects the function lwm2m_parse_peerinfo of the file subsys/net/lib/lwm2m/lwm2m_pull_context.c of the component Firmware-Update. Performing a manipulation of the argument uri results in out-of-bounds read.

This vulnerability is known as CVE-2026-10672. Remote exploitation of the attack is possible. No exploit is available.VulDB Recent EntriesRead More