VYPR

Btstack

by Bluekitchen Gmbh

Source repositories

CVEs (4)

  • CVE-2023-48906MedApr 1, 2024
    risk 0.28cvss 4.3epss 0.00

    Stack Overflow vulnerability in Btstack 1.6 and earlier allows attackers to cause a denial of service via crafted input to the char_for_nibble function.

  • CVE-2026-28528MedMar 30, 2026
    risk 0.23cvss 4.6epss 0.00

    BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Browsing Target GET_FOLDER_ITEMS handler that fails to validate packet boundaries and attribute count data. An attacker with a paired Bluetooth Classic connection can exploit…

  • CVE-2026-28527LowMar 30, 2026
    risk 0.16cvss 3.5epss 0.00

    BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Controller GET_PLAYER_APPLICATION_SETTING_ATTRIBUTE_TEXT and GET_PLAYER_APPLICATION_SETTING_VALUE_TEXT handlers that allows nearby attackers to read beyond packet boundaries.…

  • CVE-2026-28526LowMar 30, 2026
    risk 0.16cvss 3.5epss 0.00

    BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Controller LIST_PLAYER_APPLICATION_SETTING_ATTRIBUTES and LIST_PLAYER_APPLICATION_SETTING_VALUES handlers that allows attackers to read beyond buffer boundaries. A nearby…