Vulnerability DatabaseCVE-2026-23748
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2026-23748
February 26, 2026
Golioth Firmware SDK version 0.10.0 prior to 0.22.0, fixed in commit d7f55b38, contain an out-of-bounds read in LightDB State string parsing. When processing a string payload, a payload_size value less than 2 can cause a size_t underflow when computing the number of bytes to copy (nbytes). The subsequent memcpy() reads past the end of the network buffer, which can crash the device. The condition is reachable from on_payload, and golioth_payload_is_null() does not block payload_size==1. A malicious server or MITM can trigger a denial of service.
Affected Packages
https://github.com/golioth/golioth-firmware-sdk.git (GITHUB):
Affected version(s) >=v0.10.0 <v0.22.0
Fix Suggestion:
Update to version v0.22.0
Related Resources (5)
https://secmate.dev/disclosures/SECMATE-2025-0016
https://github.com/golioth/golioth-firmware-sdk/commit/d7f55b380d8be8b29bd101ce06e421af2e88c12b
https://blog.secmate.dev/posts/golioth-vulnerabilities-disclosure/
https://www.vulncheck.com/advisories/golioth-firmware-sdk-lightdb-state-out-of-bounds-read
https://github.com/golioth/golioth-firmware-sdk/releases/tag/v0.22.0
Do you need more information?
Contact Us
CVSS v4
Base Score:
6.3
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
PRESENT
Privileges Required
NONE
User Interaction
NONE
Vulnerable System Confidentiality
NONE
Vulnerable System Integrity
NONE
Vulnerable System Availability
LOW
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
3.7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
LOW
Weakness Type (CWE)
Integer Underflow (Wrap or Wraparound)
CWE-191
EPSS
Base Score:
0.05