By vendor
Espressif vulnerabilities
Known CVEs affecting Espressif products, prioritized by severity, with SEC.co remediation and detection guidance.
5 published vulnerabilities
- CVE-2026-45541HIGH 7.5
A flaw exists in Espressif's IoT Development Framework (ESP-IDF) that allows an attacker to crash a WebSocket server by sending a specially crafted network request during the initial connection handshake. The server fails to safely validate a specific HTTP header before attempting to process it, causing an immediate denial of service. No authentication is required—an unauthenticated attacker on the network can trigger this crash remotely.
- CVE-2026-45329HIGH 7.1
CVE-2026-45329 is a memory disclosure vulnerability in Espressif's IoT Development Framework (ESP-IDF) affecting versions 5.5.4 and 6.0. The issue stems from inadequate input validation in secure-service wrapper functions that interface with TEE (Trusted Execution Environment) hardware. An attacker with local access can supply carefully crafted memory pointers to these wrappers, causing the underlying TEE-protected peripherals (such as ECC, SHA, or SPI engines) to read sensitive data from TEE-exclusive memory regions and return it to the untrusted realm. The disclosure occurs through direct byte leakage, computed results, or bit-level oracles, enabling incremental extraction of secrets stored in the TEE.
- CVE-2026-45542HIGH 7.1
A heap buffer overflow vulnerability exists in Espressif's IoT Development Framework (ESP-IDF) affecting the Security Scheme 2 (SRP6a) component used during initial device provisioning and session setup. When a device receives a provisioning request with a specially crafted username field, the security handler copies the user-supplied length into a smaller buffer than intended, corrupting heap memory and potentially causing the device to crash or behave unpredictably. An attacker within network range of the target device can trigger this without authentication.
- CVE-2026-45160MEDIUM 6.5
ESP-IDF, Espressif's development framework for IoT devices, contains a memory safety flaw in its DHCP server component. When processing DHCP requests from clients on a local network, the parser does not properly validate option lengths, allowing an attacker to craft a malicious request that causes the device to read data beyond the intended buffer boundary. This could lead to information disclosure or device instability. The issue affects devices running as DHCP servers—notably ESP32 and similar chips using ESP-IDF's SoftAP (soft access point) feature.
- CVE-2026-46532MEDIUM 4.6
A memory reading vulnerability exists in Espressif's ESP-IDF Bluetooth stack, specifically in the AVRCP (Audio/Video Remote Control Profile) vendor command parser. An authenticated attacker with local Bluetooth access could read adjacent memory contents by crafting malformed vendor commands. This could leak sensitive information from the device's memory. The vulnerability affects ESP-IDF versions 5.2.6 through 6.0 across multiple release branches.