CVE-2026-25139

CRITICAL

RIOT <2025.10 - Memory Corruption

Title source: llm

Description

RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things (IoT) devices and other embedded devices. In version 2025.10 and prior, multiple out-of-bounds read allow any unauthenticated user, with ability to send or manipulate input packets, to read adjacent memory locations, or crash a vulnerable device running the 6LoWPAN stack. The received packet is cast into a sixlowpan_sfr_rfrag_t struct and dereferenced without validating the packet is large enough to contain the struct object. At time of publication, no known patch exists.

References (1)

[Vendor Advisory] https://github.com/RIOT-OS/RIOT/security/advisories/GHSA-c8fh-23qr-97mc

Scores

CVSS v3 9.1

EPSS 0.0021

EPSS Percentile 43.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-125

Status published

Products (1)

riot-os/riot < 2025.10

Published Feb 04, 2026

Tracked Since Feb 18, 2026