OSV-2026-750

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wolfmqtt/OSV-2026-750.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2026-750

Published

2026-05-16T00:17:37.534349Z

Modified

2026-05-16T00:17:37.534631Z

Summary

Heap-buffer-overflow in MqttDecode_Props

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513047073

Crash type: Heap-buffer-overflow READ 1
Crash state:
MqttDecode_Props
MqttDecode_Disconnect
MqttClient_DecodePacket

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513047073

Affected packages

OSS-Fuzz / wolfmqtt

Package

Name: wolfmqtt
Purl: pkg:generic/wolfmqtt

Affected ranges

Type: GIT
Repo: https://github.com/wolfSSL/wolfMQTT.git
Events: Introduced

d7ac40ba2e1fb3d37590dcbca2aca2b9f142a6d2

Fixed

e1f13765dac64438f4f802532a33153ccb8a74d4

Affected versions

v1.*

v1.10.0

v1.11.0

v1.12.0

v1.13.0

v1.14.0

v1.14.1

v1.15.0

v1.15.1

v1.16.0

v1.17.0

v1.17.1

v1.18.0

v1.19.0

v1.19.1

v1.19.2

v1.20.0

v1.21.0

v1.8

v1.9

v2.*

v2.0.0

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

introduced_range

"unknown:d7ac40ba2e1fb3d37590dcbca2aca2b9f142a6d2"

source

"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wolfmqtt/OSV-2026-750.yaml"

fixed_range

"21b93032a30b73edf648c129f2ca691259d52df3:e1f13765dac64438f4f802532a33153ccb8a74d4"