VYPR

Esp USB

by Espressif

Source repositories

CVEs (3)

  • CVE-2025-68657Jan 12, 2026
    risk 0.00cvss epss 0.00

    Espressif ESP-IDF USB Host HID (Human Interface Device) Driver allows access to HID devices. Prior to 1.1.0, calls to hid_host_device_close() can free the same usb_transfer_t twice. The USB event callback and user code share the hid_iface_t state without locking, so both can…

  • CVE-2025-68656Jan 12, 2026
    risk 0.00cvss epss 0.00

    Espressif ESP-IDF USB Host HID (Human Interface Device) Driver allows access to HID devices. Prior to 1.1.0, usb_class_request_get_descriptor() frees and reallocates hid_device->ctrl_xfer when an oversized descriptor is requested but continues to use the stale local pointer,…

  • CVE-2025-68622Jan 12, 2026
    risk 0.00cvss epss 0.00

    Espressif ESP-IDF USB Host UVC Class Driver allows video streaming from USB cameras. Prior to 2.4.0, a vulnerability in the esp-usb UVC host implementation allows a malicious USB Video Class (UVC) device to trigger a stack buffer overflow during configuration-descriptor parsing.…