CVE-2026-15690

Source
https://cve.org/CVERecord?id=CVE-2026-15690
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-15690.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-15690
Downstream
Published
2026-07-14T11:45:07.861Z
Modified
2026-07-16T03:48:17.760680835Z
Severity
  • 1.3 (Low) CVSS_V4 - CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P CVSS Calculator
Summary
open62541 Shared Client ua_client_connect.c responseReadNamespacesArray null pointer dereference
Details

A vulnerability was identified in open62541 up to 1.5.5. Affected by this issue is the function responseReadNamespacesArray of the file src/client/uaclientconnect.c of the component Shared Client Library. Such manipulation of the argument Server_NamespaceArray leads to null pointer dereference. The attack can be executed remotely. The attack requires a high level of complexity. The exploitation is known to be difficult. The exploit is publicly available and might be used. The project closed the issue report, stating that this is not the official way to report a security vulnerability.

Database specific
{
    "cwe_ids": [
        "CWE-404",
        "CWE-476"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/15xxx/CVE-2026-15690.json",
    "cna_assigner": "VulDB"
}
References

Affected packages

Git / github.com/open62541/open62541

Affected ranges

Type
GIT
Repo
https://github.com/open62541/open62541
Events
Database specific
{
    "extracted_events": [
        {
            "introduced": "1.5.0"
        },
        {
            "last_affected": "1.5.0"
        },
        {
            "introduced": "1.5.1"
        },
        {
            "last_affected": "1.5.1"
        },
        {
            "introduced": "1.5.2"
        },
        {
            "last_affected": "1.5.2"
        },
        {
            "introduced": "1.5.3"
        },
        {
            "last_affected": "1.5.3"
        },
        {
            "introduced": "1.5.4"
        },
        {
            "last_affected": "1.5.4"
        },
        {
            "introduced": "1.5.5"
        },
        {
            "last_affected": "1.5.5"
        }
    ],
    "source": "AFFECTED_FIELD"
}

Affected versions

1.*
1.5.0
1.5.1
1.5.2
1.5.3
1.5.4
1.5.5
v1.*
v1.5.0
v1.5.1
v1.5.2
v1.5.3
v1.5.4
v1.5.5

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-15690.json"