This is an automated email from the ASF dual-hosted git repository.
janc pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mynewt-site.git
The following commit(s) were added to refs/heads/master by this push:
new 0e65df1c72 Add new public CVEs
0e65df1c72 is described below
commit 0e65df1c7234e1ddcbd19a83d37084e9ea13532c
Author: Szymon Janc <[email protected]>
AuthorDate: Thu Jan 8 11:31:03 2026 +0100
Add new public CVEs
---
docs/cve.md | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/docs/cve.md b/docs/cve.md
index c3d353d124..ec80dcce9a 100644
--- a/docs/cve.md
+++ b/docs/cve.md
@@ -5,8 +5,12 @@ in Apache Mynewt.
| CVE-ID
| Description | Releases Affected | Release Fixed |
|-------------------------------------------------------------------------------|--------------------------------------|----------------------|---------------|
-| <a href="https://www.cve.org/CVERecord?id=CVE-2024-24746">CVE-2024-24746
</a> | Loop with Unreachable Exit Condition | NimBLE through 1.6.0 | NimBLE
1.7.0 |
+| <a href="https://www.cve.org/CVERecord?id=CVE-2025-52435">CVE-2025-52435
</a> | Invalid error handling in pause encryption procedure in NimBLE
controller | NimBLE through 1.8.0 | NimBLE 1.9.0 |
+| <a href="https://www.cve.org/CVERecord?id=CVE-2025-53470">CVE-2025-53470
</a> | Out-of-Bounds Write Vulnerability in NimBLE HCI H4 driver | NimBLE
through 1.8.0 | NimBLE 1.9.0 |
+| <a href="https://www.cve.org/CVERecord?id=CVE-2025-53477">CVE-2025-53477
</a> | NULL Pointer Dereference in NimBLE host HCI layer | NimBLE through 1.8.0
| NimBLE 1.9.0 |
+| <a href="https://www.cve.org/CVERecord?id=CVE-2025-62235">CVE-2025-62235
</a> | Incorrect handling of SMP Security Request could lead to undesirable
pairing | NimBLE through 1.8.0 | NimBLE 1.9.0 |
| <a href="https://www.cve.org/CVERecord?id=CVE-2024-47248">CVE-2024-47248
</a> | Buffer overflow in NimBLE MESH Bluetooth stack | NimBLE through 1.7.0 |
NimBLE 1.8.0 |
| <a href="https://www.cve.org/CVERecord?id=CVE-2024-47249">CVE-2024-47249
</a> | Lack of input sanitization leading to out-of-bound reads in multiple
advertisement handler | NimBLE through 1.7.0 | NimBLE 1.8.0 |
| <a href="https://www.cve.org/CVERecord?id=CVE-2024-47250">CVE-2024-47250
</a> | Lack of input validation in HCI advertising report could lead to
potential out-of-bound access | NimBLE through 1.7.0 | NimBLE 1.8.0 |
| <a href="https://www.cve.org/CVERecord?id=CVE-2024-51569">CVE-2024-51569
</a> | Lack of input sanitization leading to out-of-bound reads in Number of
Completed Packets HCI event handler | NimBLE through 1.7.0 | NimBLE 1.8.0 |
+| <a href="https://www.cve.org/CVERecord?id=CVE-2024-24746">CVE-2024-24746
</a> | Loop with Unreachable Exit Condition | NimBLE through 1.6.0 | NimBLE
1.7.0 |
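Review bot: The CVE-2024-24746 row is deleted from the top of the table and re-added as the last row, a reorder that the commit subject "Add new public CVEs" does not mention. After this change the rows run by Release Fixed from newest to oldest (1.9.0, then 1.8.0, then 1.7.0), so the move looks deliberate, but the convention is only implicit. Either say in the commit message that the existing row was moved to keep that ordering, or add a sentence above the table stating the sort order so the next entry lands in the right place. A smaller style point on the four new rows: the descriptions mix title case ("Out-of-Bounds Write Vulnerability in NimBLE HCI H4 driver", "NULL Pointer Dereference in NimBLE host HCI layer") with sentence case ("Invalid error handling in pause encryption procedure in NimBLE controller"); pick one and match the existing 1.8.0 rows, which use sentence case.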