Openvehicles CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Openvehicles CVE published 2026-05-01

CVE-2026-42469

CVE-2026-42469 is a high-severity buffer overflow affecting Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. According to the NVD record, the parser in canformat_canswitch.cpp does not properly validate a CANswitch DLC value, which can allow a remote attacker to send crafted CANswitch frames that may cause a denial of service and, potentially, arbitrary code execution. The vulnerability was published on [truncated]

HIGH Openvehicles CVE published 2026-05-01

CVE-2026-42468

CVE-2026-42468 is a high-severity buffer overflow in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005 affecting PCAP parsing in canformat_pcap.cpp. According to the CVE/NVD record, a crafted PCAP input can trigger the flaw and may cause denial of service or possibly arbitrary code execution. NVD marks the issue as analyzed and lists the affected firmware version as 3.3.005.