Skip to main content

Libcoap CVE-2025-34468

HIGH
Stack-based Buffer Overflow (CWE-121)
2025-12-31 disclosure@vulncheck.com
8.2
CVSS 4.0 · Vendor: vulncheck
Share

Severity by source

Vendor (vulncheck) PRIMARY
8.2 HIGH
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from Vendor (vulncheck) · only source for this CVE.

CVSS VectorVendor: vulncheck

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

3
Source Code Evidence Fetched
Jul 14, 2026 - 23:34 vuln.today
Analysis Generated
Jul 14, 2026 - 23:34 vuln.today
CVE Published
Dec 31, 2025 - 19:15 cve.org
HIGH 8.2

DescriptionCVE.org

libcoap versions up to and including 4.3.5, prior to commit 30db3ea, contain a stack-based buffer overflow in address resolution when attacker-controlled hostname data is copied into a fixed 256-byte stack buffer without proper bounds checking. A remote attacker can trigger a crash and potentially achieve remote code execution depending on compiler options and runtime memory protections. Exploitation requires the proxy logic to be enabled (i.e., the proxy request handling code path in an application using libcoap).

AnalysisAI

Availability loss and potential remote code execution in libcoap (versions up to and including 4.3.5, before commit 30db3ea) arises when attacker-controlled hostname data from a proxied CoAP URI is copied into a fixed 256-byte stack buffer during address resolution without bounds checking. A remote unauthenticated attacker can reliably crash any application that enables libcoap's proxy request handling, and may achieve code execution depending on the target's compiler hardening and runtime memory protections. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; the official CVSS 4.0 base score is 8.2, but that score reflects availability impact only (VA:H, VC:N/VI:N).

CVE-2024-0962 HIGH POC
7.8 Jan 27

A vulnerability was found in obgm libcoap 4.3.4. Rated high severity (CVSS 7.8), this vulnerability is low attack comple

CVE-2024-31031 HIGH POC
7.5 Apr 17

An issue in `coap_pdu.c` in libcoap 4.3.4 allows attackers to cause undefined behavior via a sequence of messages leadin

CVE-2023-30362 HIGH POC
7.5 Jun 23

Buffer Overflow vulnerability in coap_send function in libcoap library 4.3.1-103-g52cfd56 fixed in 4.3.1-120-ge242200 al

CVE-2023-35862 MEDIUM POC
6.5 Jun 19

libcoap 4.3.1 contains a buffer over-read via the function coap_parse_oscore_conf_mem at coap_oscore.c. Rated medium sev

CVE-2026-29013 HIGH
8.8 Apr 17

Out-of-bounds read in libcoap's OSCORE CBOR parsing can escalate to heap buffer overflow, enabling remote unauthenticate

CVE-2025-59391 MEDIUM
6.5 Dec 08

A memory disclosure vulnerability exists in libcoap's OSCORE configuration parser in libcoap before release-4.3.5-patche

CVE-2025-65501 MEDIUM
4.3 Nov 24

Null pointer dereference in coap_dtls_info_callback() in OISM libcoap 4.3.5 allows remote attackers to cause a denial of

CVE-2025-65500 MEDIUM
4.3 Nov 24

NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attack

CVE-2025-65499 MEDIUM
4.3 Nov 24

Array index error in tls_verify_call_back() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attackers to cause

CVE-2025-65498 MEDIUM
4.3 Nov 24

NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attack

CVE-2025-65497 MEDIUM
4.3 Nov 24

NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attack

CVE-2025-65496 MEDIUM
4.3 Nov 24

NULL pointer dereference in coap_dtls_generate_cookie() in src/coap_openssl.c in OISM libcoap 4.3.5 allows remote attack

Share

CVE-2025-34468 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy