PatchSiren

Nuvoton CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

LOW Nuvoton CVE published 2026-07-12

CVE-2026-10668

The Nuvoton NuMaker HSUSBD USB device-controller driver has a vulnerability that allows a malicious or buggy host to repeatedly cancel-and-re-SETUP to wedge the device's USB control endpoint, denying service to the device's USB function. The flaw is an availability-only denial of service, with no out-of-bounds access, use-after-free, or information leak. The vulnerability affects boards using the Nuvoton [truncated]