Monthly
Improper response routing in xiaozhi-esp32 firmware up to version 2.2.6 allows any authenticated WebSocket client to receive MCP (Model Context Protocol) responses intended for other connected clients, enabling cross-client information disclosure and low-integrity interference. The flaw resides in the ParseMessage function within main/mcp_server.cc, where the MCP Response Handler broadcasts responses globally to all connected WebSocket clients on port 8080 rather than routing replies back to the originating client. A public proof-of-concept is available via GitHub issue #2020; no active exploitation has been confirmed in CISA KEV, and the CVSS 4.0 score of 2.3 reflects high attack complexity and limited overall impact in this niche IoT context.
Improper synchronization in the firmware for some Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. Rated low severity (CVSS 1.8), this vulnerability is low attack complexity. No vendor patch available.
vyper is a Pythonic Smart Contract Language for the EVM. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
A flaw was found in the QEMU NBD Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Evmos is a scalable, high-throughput Proof-of-Stake EVM blockchain that is fully compatible and interoperable with Ethereum. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
In adsp, there is a possible double free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.
In gpu, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.
In display drm, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.
In ccu, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.
In vcu, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.
Improper response routing in xiaozhi-esp32 firmware up to version 2.2.6 allows any authenticated WebSocket client to receive MCP (Model Context Protocol) responses intended for other connected clients, enabling cross-client information disclosure and low-integrity interference. The flaw resides in the ParseMessage function within main/mcp_server.cc, where the MCP Response Handler broadcasts responses globally to all connected WebSocket clients on port 8080 rather than routing replies back to the originating client. A public proof-of-concept is available via GitHub issue #2020; no active exploitation has been confirmed in CISA KEV, and the CVSS 4.0 score of 2.3 reflects high attack complexity and limited overall impact in this niche IoT context.
Improper synchronization in the firmware for some Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. Rated low severity (CVSS 1.8), this vulnerability is low attack complexity. No vendor patch available.
vyper is a Pythonic Smart Contract Language for the EVM. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
A flaw was found in the QEMU NBD Server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Evmos is a scalable, high-throughput Proof-of-Stake EVM blockchain that is fully compatible and interoperable with Ethereum. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
In adsp, there is a possible double free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.
In gpu, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.
In display drm, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.
In ccu, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.
In vcu, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.