CVE-2025-53470
Essential information
- Published
- 10/01/2026 10:15
- Modified
- 10/01/2026 10:15
- Author
- —
- Creator
- —
- CISA KEV
- No
- CWE
- —
- CVSS vector
- — — —
Description
Out-of-bounds Read vulnerability in Apache NimBLE HCI H4 driver. Specially crafted HCI event could lead to invalid memory read in H4 driver.
This issue affects Apache NimBLE: through 1.8.
This issue requires a broken or bogus Bluetooth controller and thus severity is considered low.
Users are recommended to upgrade to version 1.9, which fixes the issue.
NVD status
- Status
- Received — CVE has been recently published to the CVE List and has been received by the NVD.
- Source
- [email protected]
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| apache / nimble | cpe:2.3:a:apache:nimble:<1.9:*:*:*:*:*:*:* |