CVE Catalog

CVE-2026-38570

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Summary

Version 1.3.1 of the bacnet_stack library contains an out-of-bounds read in the bacnet_tag_number_decode function, which can be exploited by attackers to cause a denial of service.

Risk Assessment

Exploitation of this vulnerability may lead to service unavailability, negatively impacting the organization's operations.

Recommendation

It is recommended to update the bacnet_stack library to the latest version to mitigate this vulnerability.

Original NVD description (English source)

bacnet_stack 1.3.1 contains an Out-of-bounds Read in bacnet_tag_number_decode which allows attackers to cause a denial of service.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS