VYPR

Hue Bridge V2 Firmware

by Philips

CVEs (8)

  • CVE-2026-3562HigMar 16, 2026
    risk 0.57cvss 8.8epss 0.00

    Philips Hue Bridge hk_hap Ed25519 Signature Verification Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to exploit this…

  • CVE-2026-3560HigMar 16, 2026
    risk 0.57cvss 8.8epss 0.00

    Philips Hue Bridge HomeKit hk_hap_pair_storage_put Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to…

  • CVE-2026-3556HigMar 16, 2026
    risk 0.57cvss 8.8epss 0.01

    Philips Hue Bridge HomeKit Pair-Setup Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Authentication is not required to exploit this…

  • CVE-2026-3559HigMar 16, 2026
    risk 0.53cvss 8.1epss 0.00

    Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to exploit this…

  • CVE-2026-3558HigMar 16, 2026
    risk 0.53cvss 8.1epss 0.00

    Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Philips Hue Bridge. Authentication is not required to exploit this…

  • CVE-2026-3561HigMar 16, 2026
    risk 0.52cvss 8.0epss 0.01

    Philips Hue Bridge hk_hap characteristics Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Although authentication is required to…

  • CVE-2026-3557HigMar 16, 2026
    risk 0.52cvss 8.0epss 0.01

    Philips Hue Bridge hap_pair_verify_handler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Although authentication is…

  • CVE-2026-3555HigMar 16, 2026
    risk 0.52cvss 8.0epss 0.00

    Philips Hue Bridge Zigbee Stack Custom Command Handler Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. User interaction is required to…