CVE-2026-10639 | zephyrproject zephyr up to 4.4.x subsys/net/ip/icmpv4.c icmpv4_handle_echo_request use after free (GHSA-qhrf-w466-qmpw)

A vulnerability, which was classified as critical, was found in zephyrproject zephyr up to 4.4.x. Affected by this vulnerability is the function icmpv4_handle_echo_request of the file subsys/net/ip/icmpv4.c. Executing a manipulation can lead to use after free.

This vulnerability appears as CVE-2026-10639. The attack may be performed from remote. There is no available exploit.

You should upgrade the affected component.VulDB Recent EntriesRead More