CVE-2026-37534
CriticalSummary
CVE-2026-37534 describes an integer underflow vulnerability in Open-SAE-J1939, allowing attackers to write to arbitrary memory via a crafted sequence number from the CAN frame.
Risk Assessment
Attackers could exploit this vulnerability to inject malicious code or manipulate memory, potentially leading to severe consequences for system integrity.
Recommendation
It is recommended to update to the latest version of Open-SAE-J1939 to mitigate this vulnerability and to monitor systems for unauthorized activities.
Original NVD description (English source)
Integer underflow vulnerability in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe (2025-11-30) in SAE_J1939_Read_Transport_Protocol_Data_Transfer,allows attackers to write to arbitrary memory via crafted sequence number from the CAN frame.

