Certain size values in firmware binary headers could trigger out of bounds reads during signature validation, leading to denial of service or potentially limited leakage of information about out-of-bounds memory contents.
Conclusion & alert: CVE-2021-26365 is rated Moderate Risk (47.7/100): CVSS High severity, with low exploitation likelihood (EPSS 0.57%). Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.51% | 0.57% | +0.06% |
| 2 | 2026-05-28 | 0.41% | 0.51% | +0.10% |
| 3 | 2026-05-24 | — | 0.41% | — |
Full EPSS history (11 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 8.2 | 3.1 | HIGH |
|
3.9 | 4.2 | [email protected] |
| 8.2 | 3.1 | HIGH |
|
3.9 | 4.2 | 134c704f-9b21-4f2e-91b3-4a467353bcc0 |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| amd | ryzen_5_2400g_firmware | — | cpe:2.3:o:amd:ryzen_5_2400g_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_5_2400ge_firmware | — | cpe:2.3:o:amd:ryzen_5_2400ge_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_3_2200ge_firmware | — | cpe:2.3:o:amd:ryzen_3_2200ge_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_3_2200g_firmware | — | cpe:2.3:o:amd:ryzen_3_2200g_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_3_pro_2100ge_firmware | — | cpe:2.3:o:amd:ryzen_3_pro_2100ge_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_9_5900x_firmware | — | cpe:2.3:o:amd:ryzen_9_5900x_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_9_5950x_firmware | — | cpe:2.3:o:amd:ryzen_9_5950x_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_9_5900_firmware | — | cpe:2.3:o:amd:ryzen_9_5900_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_7_5800_firmware | — | cpe:2.3:o:amd:ryzen_7_5800_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_7_5800x_firmware | — | cpe:2.3:o:amd:ryzen_7_5800x_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_7_5800x3d_firmware | — | cpe:2.3:o:amd:ryzen_7_5800x3d_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_7_5700x_firmware | — | cpe:2.3:o:amd:ryzen_7_5700x_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_5_5600_firmware | — | cpe:2.3:o:amd:ryzen_5_5600_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_5_5600x_firmware | — | cpe:2.3:o:amd:ryzen_5_5600x_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_5_5500_firmware | — | cpe:2.3:o:amd:ryzen_5_5500_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_3_3200u_firmware | < picassopi-fp5_1.0.0.d | cpe:2.3:o:amd:ryzen_3_3200u_firmware:*:*:*:*:*:*:*:* |
| amd | ryzen_3_3250c_firmware | < picassopi-fp5_1.0.0.d | cpe:2.3:o:amd:ryzen_3_3250c_firmware:*:*:*:*:*:*:*:* |
| amd | ryzen_3_3250u_firmware | < picassopi-fp5_1.0.0.d | cpe:2.3:o:amd:ryzen_3_3250u_firmware:*:*:*:*:*:*:*:* |
| amd | amd_3015e_firmware | < pollockpi-ft5_1.0.0.3 | cpe:2.3:o:amd:amd_3015e_firmware:*:*:*:*:*:*:*:* |
| amd | amd_3015ce_firmware | < pollockpi-ft5_1.0.0.3 | cpe:2.3:o:amd:amd_3015ce_firmware:*:*:*:*:*:*:*:* |
| amd | ryzen_7_2800h_firmware | — | cpe:2.3:o:amd:ryzen_7_2800h_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_7_2700u_firmware | — | cpe:2.3:o:amd:ryzen_7_2700u_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_5_2600h_firmware | — | cpe:2.3:o:amd:ryzen_5_2600h_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_5_2500u_firmware | — | cpe:2.3:o:amd:ryzen_5_2500u_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_3_2300u_firmware | — | cpe:2.3:o:amd:ryzen_3_2300u_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_3_2200u_firmware | — | cpe:2.3:o:amd:ryzen_3_2200u_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_5_3400g_firmware | — | cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_5_pro_3400g_firmware | — | cpe:2.3:o:amd:ryzen_5_pro_3400g_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_5_pro_3400ge_firmware | — | cpe:2.3:o:amd:ryzen_5_pro_3400ge_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_5_pro_3350g_firmware | — | cpe:2.3:o:amd:ryzen_5_pro_3350g_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_5_pro_3350ge_firmware | — | cpe:2.3:o:amd:ryzen_5_pro_3350ge_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_3_pro_3200g_firmware | — | cpe:2.3:o:amd:ryzen_3_pro_3200g_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_3_3200g_firmware | — | cpe:2.3:o:amd:ryzen_3_3200g_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_3_3200ge_firmware | — | cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_3_pro_3200ge_firmware | — | cpe:2.3:o:amd:ryzen_3_pro_3200ge_firmware:-:*:*:*:*:*:*:* |
| amd | ryzen_7_5700u_firmware | < cezannepi-fp6_1.0.0.8 | cpe:2.3:o:amd:ryzen_7_5700u_firmware:*:*:*:*:*:*:*:* |
| amd | ryzen_5_5500u_firmware | < cezannepi-fp6_1.0.0.8 | cpe:2.3:o:amd:ryzen_5_5500u_firmware:*:*:*:*:*:*:*:* |
| amd | ryzen_3_5300u_firmware | < cezannepi-fp6_1.0.0.8 | cpe:2.3:o:amd:ryzen_3_5300u_firmware:*:*:*:*:*:*:*:* |
| amd | ryzen_7_5700g_firmware | < cezannepi-fp6_1.0.0.8 | cpe:2.3:o:amd:ryzen_7_5700g_firmware:*:*:*:*:*:*:*:* |
| amd | ryzen_7_5700ge_firmware | < cezannepi-fp6_1.0.0.8 | cpe:2.3:o:amd:ryzen_7_5700ge_firmware:*:*:*:*:*:*:*:* |
| amd | ryzen_5_5600g_firmware | < cezannepi-fp6_1.0.0.8 | cpe:2.3:o:amd:ryzen_5_5600g_firmware:*:*:*:*:*:*:*:* |
| amd | ryzen_5_5600ge_firmware | < cezannepi-fp6_1.0.0.8 | cpe:2.3:o:amd:ryzen_5_5600ge_firmware:*:*:*:*:*:*:*:* |
| amd | ryzen_3_5300g_firmware | < cezannepi-fp6_1.0.0.8 | cpe:2.3:o:amd:ryzen_3_5300g_firmware:*:*:*:*:*:*:*:* |
| amd | ryzen_3_5300ge_firmware | < cezannepi-fp6_1.0.0.8 | cpe:2.3:o:amd:ryzen_3_5300ge_firmware:*:*:*:*:*:*:*:* |
| amd | ryzen_9_6980hx_firmware | < rmb_1.0.0.4 | cpe:2.3:o:amd:ryzen_9_6980hx_firmware:*:*:*:*:*:*:*:* |
| amd | ryzen_9_6980hs_firmware | < rmb_1.0.0.4 | cpe:2.3:o:amd:ryzen_9_6980hs_firmware:*:*:*:*:*:*:*:* |
| amd | ryzen_9_6900hx_firmware | < rmb_1.0.0.4 | cpe:2.3:o:amd:ryzen_9_6900hx_firmware:*:*:*:*:*:*:*:* |
| amd | ryzen_9_6900hs_firmware | < rmb_1.0.0.4 | cpe:2.3:o:amd:ryzen_9_6900hs_firmware:*:*:*:*:*:*:*:* |
| amd | ryzen_7_6800h_firmware | < rmb_1.0.0.4 | cpe:2.3:o:amd:ryzen_7_6800h_firmware:*:*:*:*:*:*:*:* |
| amd | ryzen_7_6800hs_firmware | < rmb_1.0.0.4 | cpe:2.3:o:amd:ryzen_7_6800hs_firmware:*:*:*:*:*:*:*:* |
| amd | ryzen_7_6800u_firmware | < rmb_1.0.0.4 | cpe:2.3:o:amd:ryzen_7_6800u_firmware:*:*:*:*:*:*:*:* |
| amd | ryzen_5_6600h_firmware | < rmb_1.0.0.4 | cpe:2.3:o:amd:ryzen_5_6600h_firmware:*:*:*:*:*:*:*:* |
| amd | ryzen_5_6600hs_firmware | < rmb_1.0.0.4 | cpe:2.3:o:amd:ryzen_5_6600hs_firmware:*:*:*:*:*:*:*:* |
| amd | ryzen_5_6600u_firmware | < rmb_1.0.0.4 | cpe:2.3:o:amd:ryzen_5_6600u_firmware:*:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 | Vendor Advisory |