CVE-2026-6432
Awaiting Analysis Awaiting Analysis - Queue

Improper Bounds Validation in EmberZNet SDK

Vulnerability report for CVE-2026-6432, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-25

Last updated on: 2026-06-25

Assigner: Silicon Graphics (SGI)

Description

Improper bounds validation in EmberZNet SDK versions 9.0.2 and earlier may result in crashes or dynamic memory leakage.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-25
Last Modified
2026-06-25
Generated
2026-07-15
AI Q&A
2026-06-25
EPSS Evaluated
2026-07-14
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
silabs emberznet_sdk to 9.0.2 (exc)
siliconlabs emberznet_sdk to 9.0.2 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-130 The product parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability involves improper bounds validation in the EmberZNet SDK versions 9.0.2 and earlier. Due to this flaw, the software may experience crashes or dynamic memory leakage when processing certain inputs or operations.

Impact Analysis

The impact of this vulnerability includes potential crashes of the affected software, which can lead to denial of service or instability. Additionally, dynamic memory leakage may occur, potentially degrading system performance or causing unexpected behavior over time.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-6432. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart