CVE-2026-42468
Buffer Overflow in Open Vehicle Monitoring System 3
Publication date: 2026-05-01
Last updated on: 2026-05-01
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| open_vehicle_monitoring_system | ovms3 | 3.3.005 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a buffer overflow in the Open Vehicle Monitoring System 3 (OVMS3) version 3.3.005. Specifically, in the canformat_pcap.cpp file, the parser's phdr.len field is not properly validated. This improper validation allows remote attackers to exploit crafted PCAP input to cause a denial of service or potentially execute arbitrary code.
How can this vulnerability impact me? :
The impact of this vulnerability includes the possibility for remote attackers to cause a denial of service, which could disrupt the normal operation of the Open Vehicle Monitoring System. Additionally, there is a risk that attackers could execute arbitrary code, potentially gaining control over the affected system or causing further damage.