VYPR
Vendor

Bacnetstack

Products
3
CVEs
12
Across products
14
Status
Private

Products

3

Recent CVEs

12
  • CVE-2018-10238CriApr 20, 2018
    risk 0.64cvss 9.8epss 0.02

    bvlc.c in skarg BACnet Protocol Stack bacserv 0.9.1 and 0.8.5 is affected by a Buffer Overflow because of a lack of packet-size validation. The affected component is bacserv BACnet/IP BVLC forwarded NPDU. The function bvlc_bdt_forward_npdu() calls bvlc_encode_forwarded_npdu()…

  • CVE-2026-41475CriApr 24, 2026
    risk 0.52cvss 9.1epss 0.00

    BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's WritePropertyMultiple service decoder allows unauthenticated remote attackers to read past allocated buffer boundaries by…

  • CVE-2026-38570HigJun 4, 2026
    risk 0.49cvss 7.5epss 0.00

    bacnet_stack 1.3.1 contains an Out-of-bounds Read in bacnet_tag_number_decode which allows attackers to cause a denial of service.

  • CVE-2026-41503HigApr 24, 2026
    risk 0.42cvss 7.5epss 0.00

    BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service property decoder allows unauthenticated remote attackers to read past allocated buffer…

  • CVE-2026-41502HigApr 24, 2026
    risk 0.42cvss 7.5epss 0.00

    BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an off-by-one out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service decoder allows unauthenticated remote attackers to read one byte past an allocated…

  • CVE-2026-40279LowApr 21, 2026
    risk 0.24cvss 3.7epss 0.00

    BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decode_signed32() in src/bacnet/bacint.c reconstructs a 32-bit signed integer from four APDU bytes using signed left shifts. When any of the four bytes has bit 7 set (value ≥…

  • CVE-2019-12480May 30, 2019
    risk 0.04cvss epss 0.34

    BACnet Protocol Stack through 0.8.6 has a segmentation fault leading to denial of service in BACnet APDU Layer because a malformed DCC in AtomicWriteFile, AtomicReadFile and DeviceCommunicationControl services. An unauthenticated remote attacker could cause a denial of service…

  • CVE-2026-26264Feb 13, 2026
    risk 0.00cvss epss 0.00

    BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0rc4 and 1.4.3rc2, a malformed WriteProperty request can trigger a length underflow in the BACnet stack, leading to an out‑of‑bounds read and a crash (DoS). The issue is in wp.c…

  • CVE-2026-21878Feb 13, 2026
    risk 0.00cvss epss 0.00

    BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0.rc3, a vulnerability has been discovered in BACnet Stack's file writing functionality where there is no validation of user-provided file paths, allowing attackers to write files to…

  • CVE-2026-21870Feb 13, 2026
    risk 0.00cvss epss 0.00

    BACnet Protocol Stack library provides a BACnet application layer, network layer and media access (MAC) layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffer overflow in the ubasic interpreter causes a crash (SIGABRT) when processing…

  • CVE-2025-66624Dec 5, 2025
    risk 0.00cvss epss 0.00

    BACnet Protocol Stack library provides a BACnet application layer, network layer and media access (MAC) layer communications services. Prior to 1.5.0.rc2, The npdu_is_expected_reply function in src/bacnet/npdu.c indexes request_pdu[offset+2/3/5] and reply_pdu[offset+1/2/4]…

  • CVE-2023-51773Dec 25, 2023
    risk 0.00cvss epss 0.01

    BACnet Stack before 1.3.2 has a decode function APDU buffer over-read in bacapp_decode_application_data in bacapp.c.