What is the CVSS score of CVE-2026-21878?

CVE-2026-21878 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N. EPSS exploitation probability: 0.1%.

Which versions of Bacnet Stack are affected by CVE-2026-21878?

CVE-2026-21878 affects BACnet Stack, a protocol library used in building automation and industrial control systems.. A patch is available.

Is there a public PoC exploit available for CVE-2026-21878?

Yes, a public proof-of-concept exploit is available for CVE-2026-21878. Prioritise patching immediately. EPSS: 0.1%.

How to fix or mitigate CVE-2026-21878?

Within 24 hours: Identify all systems and devices running BACnet Stack and document their criticality; assess network exposure of affected assets. Within 7 days: Prioritize patching of critical and exposed BACnet systems; coordinate with equipment vendors for patch availability and compatibility testing. Within 30 days: Complete patch deployment across all BACnet Stack instances; validate patches in production environments and document completion.

Bacnet Stack CVE-2026-21878

HIGH

Path Traversal (CWE-22)

2026-02-13 security-advisories@github.com

Path Traversal Bacnet Stack

7.5

CVSS 3.1 · GitHub Advisory

Severity by source

GitHub Advisory PRIMARY

7.5 HIGH

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:02 vuln.today

PoC Detected

Feb 18, 2026 - 18:49 vuln.today

Public exploit code

Patch released

Feb 18, 2026 - 18:49 nvd

Patch available

CVE Published

Feb 13, 2026 - 19:17 nvd

HIGH 7.5

DescriptionGitHub Advisory

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0.rc3, a vulnerability has been discovered in BACnet Stack's file writing functionality where there is no validation of user-provided file paths, allowing attackers to write files to arbitrary directories. This affects apps/readfile/main.c and ports/posix/bacfile-posix.c. This vulnerability is fixed in 1.5.0.rc3.

AnalysisAI

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. [CVSS 7.5 HIGH]

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Send crafted BACnet request with malicious file path

Exploit

Path validation bypassed in file writing function

Impact

Write arbitrary files to system directories

Access

Send crafted BACnet request with malicious file path

Exploit

Path validation bypassed in file writing function

Impact

Write arbitrary files to system directories

Vulnerability AssessmentAI

Exploitation	BACnet Stack versions prior to 1.5.0.rc3 with file writing functionality enabled. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	CVSS 7.5 (HIGH). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker could exploit this vulnerability to compromise the affected system.
Remediation	A vendor patch is available — apply it immediately. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all systems and devices running BACnet Stack and document their criticality; assess network exposure of affected assets. …

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-21878 vulnerability details – vuln.today

Back

Bacnet Stack CVE-2026-21878

Severity by source

CVSS VectorGitHub Advisory

Lifecycle Timeline

DescriptionGitHub Advisory

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Recommended ActionAI

Share

External POC / Exploit Code