VYPR
Vendor

Openthread

Products
1
CVEs
5
Across products
5
Status
Private

Products

1

Recent CVEs

5
  • CVE-2019-20791CriApr 28, 2020
    risk 0.57cvss 9.8epss 0.01

    OpenThread before 2019-12-13 has a stack-based buffer overflow in MeshCoP::Commissioner::GeneratePskc.

  • CVE-2023-2626HigJul 25, 2023
    risk 0.49cvss 7.5epss 0.00

    There exists an authentication bypass vulnerability in OpenThread border router devices and implementations. This issue allows unauthenticated nodes to craft radio frames using “Key ID Mode 2”: a special mode using a static encryption key to bypass security checks,…

  • CVE-2021-33889MedJul 2, 2021
    risk 0.44cvss 6.8epss 0.00

    OpenThread wpantund through 2021-07-02 has a stack-based Buffer Overflow because of an inconsistency in the integer data type for metric_len.

  • CVE-2026-8369MedMay 13, 2026
    risk 0.32cvss epss 0.00

    Improper Input Validation in the NAT64 translator in The OpenThread Authors OpenThread before commit 26a882d on all platforms allows an attacker on the adjacent IPv4 network to inject corrupted IPv6 packets into the Thread mesh or bypass security checks via crafted IPv4 packets…

  • CVE-2020-8916MedJul 7, 2020
    risk 0.00cvss 5.0epss 0.00

    A memory leak in Openthread's wpantund versions up to commit 0e5d1601febb869f583e944785e5685c6c747be7, when used in an environment where wpanctl is directly interfacing with the control driver (eg: debug environments) can allow an attacker to crash the service (DoS). We…