Skip to main content

Flipper Zero Firmware CVE-2026-30363

| EUVD-2026-26705 HIGH
Stack-based Buffer Overflow (CWE-121)
2026-05-01 cve@mitre.org
Buffer Overflow Stack Overflow
8.4
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

5
Analysis Generated
May 01, 2026 - 21:30 vuln.today
CVSS changed
May 01, 2026 - 21:22 NVD
8.4 (None) 8.4 (HIGH)
EUVD ID Assigned
May 01, 2026 - 19:22 euvd
EUVD-2026-26705
Analysis Generated
May 01, 2026 - 19:22 vuln.today
CVE Published
May 01, 2026 - 19:16 nvd
HIGH 8.4

DescriptionNVD

flipperzero-firmware commit ad2a80 was discovered to contain a stack overflow in the "Main" function.

AnalysisAI

Stack overflow in Flipper Zero Firmware (commit ad2a80) enables local arbitrary code execution with high privileges through exploitation of the Main function. SSVC framework confirms POC availability and total technical impact. …

Sign in for full analysis, threat intelligence, and remediation guidance.

RemediationAI

Within 24 hours: Inventory all Flipper Zero devices in your organization and identify those running commit ad2a80 or earlier; isolate affected devices from network access and restrict physical access to authorized personnel only. Within 7 days: Monitor the official Flipper Zero GitHub repository and vendor advisories for patch availability; document current firmware versions across all devices and establish a patch deployment procedure. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

CVE-2026-30363 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy