bluekitchen-gmbh CVE Vulnerabilities & CVE List (3)

Products (CPE): — CVEs: 3

bluekitchen-gmbh vulnerability overview

Aggregates CVE and security vulnerability intelligence across all bluekitchen-gmbh-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Historical issues mainly involve vendor risk buffer overflow and vendor risk memory corruption and related problems; some flaws may lead to vendor impact application crash and vendor impact memory corruption.

Vulnerability distribution trend (last 24 months)

Showing 13 of 3 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2026-28528 BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Browsing Target GET_FOLDER_ITEMS handler that fails to validate packet boundaries and attribute count data. An attacker with a paired Bluetooth Classic connection can exploit insufficient bounds checking on the attr_id parameter to cause crashes and corrupt attribute bitmap state. [email protected] 2.1 0.14% 2026-03-30 2026-06-17
CVE-2026-28527 BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Controller GET_PLAYER_APPLICATION_SETTING_ATTRIBUTE_TEXT and GET_PLAYER_APPLICATION_SETTING_VALUE_TEXT handlers that allows nearby attackers to read beyond packet boundaries. Attackers can establish a paired Bluetooth Classic connection and send specially crafted VENDOR_DEPENDENT responses to trigger out-of-bounds reads, causing information disclosure and potential crashes on affected devices. [email protected] 2.1 0.16% 2026-03-30 2026-06-17
CVE-2026-28526 BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Controller LIST_PLAYER_APPLICATION_SETTING_ATTRIBUTES and LIST_PLAYER_APPLICATION_SETTING_VALUES handlers that allows attackers to read beyond buffer boundaries. A nearby attacker with a paired Bluetooth Classic connection can send a specially crafted VENDOR_DEPENDENT response with an attacker-controlled count value to trigger an out-of-bounds read from the L2CAP receive buffer, potentially causi [email protected] 2.1 0.14% 2026-03-30 2026-06-17
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence