216.73.217.86

CVE-2026-38719

· Published 18/05/2026 17:16 · Modified 18/05/2026 20:27

Labels: CVE-2026-38719 2026-05-18CVE-2026-38719CWE-125[email protected]

Essential information

Published
18/05/2026 17:16
Modified
18/05/2026 20:27
Author
Creator
CVSS
6.2 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS metrics

Description

OpENer v2.3-558-g1e99582 contains an out-of-bounds read vulnerability in the Common Packet Format (CPF) parser, specifically in CreateCommonPacketFormatStructure() in source/src/enet_encap/cpf.c. A crafted ENIP/CPF message can supply an attacker-controlled item_count value that is not consistently validated against the remaining data_length of the CPF slice

NVD status

Status
Deferred — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
opener / opener cpe:2.3:a:opener:opener:2.3-558-g1e99582:*:*:*:*:*:*:*
opener / opener cpe:2.3:a:opener:opener:2.3:*:*:*:*:*:*:*

References