VYPR

Libcoap

by Libcoap

CVEs (1)

  • CVE-2026-29013CriApr 17, 2026
    risk 0.57cvss 9.8epss 0.00

    libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where get_byte_inc() in src/oscore/oscore_cbor.c relies solely on assert() for bounds checking, which is removed in release builds compiled with NDEBUG. Attackers can send crafted…