CVE-2025-68657 | Espressif esp-usb up to 1.0.x USB Event Callback hid_host_device_close double free

A vulnerability was found in Espressif esp-usb up to 1.0.x. It has been rated as critical. This issue affects the function hid_host_device_close of the component USB Event Callback Handler. The manipulation leads to double free.

This vulnerability is uniquely identified as CVE-2025-68657. It is possible to launch the attack on the physical device. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More