CVE-2026-42469 is a high-severity buffer overflow affecting Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. According to the NVD record, the parser in canformat_canswitch.cpp does not properly validate a CANswitch DLC value, which can allow a remote attacker to send crafted CANswitch frames that may cause a denial of service and, potentially, arbitrary code execution. The vulnerability was published on [truncated]
CVE-2026-42468 is a high-severity buffer overflow in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005 affecting PCAP parsing in canformat_pcap.cpp. According to the CVE/NVD record, a crafted PCAP input can trigger the flaw and may cause denial of service or possibly arbitrary code execution. NVD marks the issue as analyzed and lists the affected firmware version as 3.3.005.
CVE-2026-37541 is a critical buffer overflow in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. According to the CVE record, canformat_gvret.cpp does not properly validate the length field in GVRET binary data, so crafted GVRET frames can trigger a denial of service and may permit arbitrary code execution. NVD classifies the issue as remotely exploitable with no privileges or user interaction required, [truncated]