CVE-2021-26461 | malloc, realloc and memalign implementations are vulnerable to integer wrap-arounds
Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution.
Conclusion & alert: CVE-2021-26461 is rated High Risk (74.1/100): CVSS Critical severity, with high exploitation likelihood (EPSS 5.04%, 91th percentile).Core evidence: EPSS ranks this CVE among the most likely to be exploited in the near term. EPSS rose +2.99% over the last day, indicating growing attacker interest.Mandatory action: High exploitation likelihood—assess exposure and prioritize remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
Exploit prediction scoring system (EPSS) score for CVE-2021-26461
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).