Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
2.9 LOW
CVE-2026-23749 — Golioth Firmware SDK < 0.22.0 Blockwise Transfer Path Out-of-Bounds Read

Golioth Firmware SDK version 0.19.1 prior to 0.22.0, fixed in commit 0e788217, contain an out-of-bounds read due to improper null termination of a blockwise transfer path. blockwise_transfer_init() a…

| Memory Corruption
Feb 26, 2026 Feb 27, 2026
Feb 26, 2026
Feb 27, 2026
6.3 MEDIUM
CVE-2026-23748 — Golioth Firmware SDK < 0.22.0 LightDB State Out-of-Bounds Read

Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit d7f55b38, contain an out-of-bounds read in LightDB State string parsing. When processing a string payload, a payload_size value le…

Remote | Memory Corruption
Feb 26, 2026 Feb 27, 2026
Feb 26, 2026
Feb 27, 2026
6.3 MEDIUM
CVE-2026-23747 — Golioth Firmware SDK < 0.22.0 Payload Utils Stack-based Buffer Overflow

Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit 48f521b, contain a stack-based buffer overflow in Payload Utils. The golioth_payload_as_int() and golioth_payload_as_float() helpe…

Remote | Memory Corruption
Feb 26, 2026 Feb 27, 2026
Feb 26, 2026
Feb 27, 2026
Showing 20 of 6063 Results