CVE-2026-58465 - Eclipse Wakaama CoAP Block1 Handler Unbounded Memory Allocation DoS

CVE ID :CVE-2026-58465
Published : July 2, 2026, 5:55 p.m. | 1 hour, 48 minutes ago
Description :Eclipse Wakaama before snapshot/2026-05-26 contains an unbounded memory allocation vulnerability in the CoAP Block1 handler within coap/block.c that allows unauthenticated remote attackers to exhaust server memory by sending a sequence of Block1 PUT requests with incrementing block numbers. Attackers can target the registration endpoint over UDP without authentication, causing the server to repeatedly reallocate a growing accumulation buffer by appending each block payload without enforcing any maximum total size limit, resulting in denial of service through memory exhaustion.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

from Latest Vulnerabilities https://ift.tt/TZJfNCK
via IFTTT

Maloy Roy Orko

I am Maloy Roy Orko. An aspiring security researcher. Learning New Fields and Strategies Since 2019. 💻

Post a Comment

Please Select Embedded Mode To Show The Comment System.*

Previous Post Next Post