PatchSiren cyber security CVE debrief
CVE-2026-15690 open62541 CVE debrief
A vulnerability was identified in open62541 up to 1.5.5. The issue affects the function responseReadNamespacesArray in the file src/client/ua_client_connect.c of the Shared Client Library. This vulnerability leads to a null pointer dereference when manipulating the Server_NamespaceArray argument. The attack can be executed remotely but requires a high level of complexity. According to the project, the issue report was closed, stating that this is not the official way to report a security vulnerability.
- Vendor
- open62541
- Product
- open62541
- CVSS
- LOW 1.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-14
- Original CVE updated
- 2026-07-14
- Advisory published
- 2026-07-14
- Advisory updated
- 2026-07-14
Who should care
Users of open62541 up to version 1.5.5 should be aware of this vulnerability and take necessary precautions. Due to the high complexity of exploitation and the remote nature of the attack, users should verify their inventory and apply vendor remediation if available.
Technical summary
The vulnerability CVE-2026-15690 is caused by a null pointer dereference in the responseReadNamespacesArray function of the open62541 Shared Client Library. This issue is exploitable remotely with high complexity. The CVSS score is 1.3, indicating a low severity. The vulnerability is associated with CWE-404 and CWE-476. Users of open62541 up to version 1.5.5 should be aware of this vulnerability and take necessary precautions. Due to the high complexity of exploitation and the remote nature of the attack, users should verify their inventory and apply vendor remediation if available.
Defensive priority
Given the low CVSS score and high complexity of exploitation, this vulnerability should be addressed but not at the highest priority. Users should ensure they are running a version of open62541 that has addressed this issue, if available.
Recommended defensive actions
- Verify inventory of open62541 installations
- Check for and apply vendor remediation
- Monitor for exploitation attempts
- Implement compensating controls if necessary
- Review compensating controls for exposed systems while remediation is scheduled and verified
- Track exceptions, retest remediated assets, and close the item only after evidence is documented
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up
Evidence notes
The CVE record was published on 2026-07-14T12:16:55.947Z and has not been modified since then. The NVD entry is currently in the 'Received' status. Limited details are available about the official way to report this security vulnerability.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-14T12:16:55.947Z and has not been modified since then. The NVD entry is currently in the 'Received' status.