CVE-2026-10652 | zephyrproject zephyr up to 4.4.x dns_unpack_answer msg_size out-of-bounds (GHSA-3jxq-xx8g-q8j2)

A vulnerability classified as critical was found in zephyrproject zephyr up to 4.4.x. This impacts the function dns_unpack_answer. Executing a manipulation of the argument msg_size can lead to out-of-bounds read.

This vulnerability appears as CVE-2026-10652. The attack may be performed from remote. There is no available exploit.

Upgrading the affected component is advised.VulDB Recent EntriesRead More