VYPR
Medium severity6.5NVD Advisory· Published Mar 16, 2026· Updated May 26, 2026

CVE-2026-28522

CVE-2026-28522

Description

arduino-TuyaOpen before version 1.2.1 contains a null pointer dereference vulnerability in the WiFiUDP component. An attacker on the same local area network can send a large volume of malicious UDP packets that trigger a null pointer dereference, resulting in a denial-of-service condition.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Tuya/Tuya SDKllm-fuzzy
    Range: <1.2.1
  • Tuya/arduino-TuyaOpenv5
    Range: 0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.