CVE-2026-10672 - Unterminated URI buffer causes out-of-bounds read in LwM2M firmware pull (Package URI)
CVE ID :CVE-2026-10672 Published : July 14, 2026, 3:16 p.m. | 1 hour, 17 minutes ago Description :subsys/net/lib/lwm2m/lwm2m_pull_context.c copied the firmware-update Package URI into a fixed static buffer (context.uri, size CONFIG_LWM2M_SWMGMT_PACKAGE_URI_LEN, default 128) with...