216.73.217.98

CVE-2026-44634

· Published 10/06/2026 01:16 · Modified 10/06/2026 20:19

Labels: CVE-2026-44634 2026-06-10CVE-2026-44634CWE-121[email protected]

Essential information

Published
10/06/2026 01:16
Modified
10/06/2026 20:19
Author
Creator
CVSS
8.7 HIGH (v3) 8.7 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

SimpleBLE is a cross-platform library and bindings for Bluetooth Low Energy (BLE). Prior to version 0.14.0, there are multiple stack-based buffer overflow vulnerabilities in SimpleBLE. There is a stack overflow vulnerability in the dongl backend’s Protocol::simpleble_write function (local, caller-controlled input). A stack overflow vulnerability when processing manufacturer-specific data in BLE advertisements (remote, no pairing or connection required). Lastly, a stack overflow vulnerability when processing service data in BLE advertisements (remote, no pairing or connection required). This issue has been patched in version 0.14.0.

NVD status

Status
Deferred — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
simpleble / simpleble cpe:2.3:a:simpleble:simpleble:*:*:*:*:*:*:*:*

References