MEDIUM
openwrt
CVE published 2026-07-07
CVE-2026-55490
CVE-2026-55490 is an integer underflow vulnerability in OpenWrt's Emergency Access Daemon. Before v25.12.5, an unauthenticated attacker on the local network can crash the daemon by sending a single crafted UDP packet. The message length underflows before a bounds check and is then passed to memcpy as a very large size. This issue is fixed in v25.12.5. The vulnerability has a CVSS score of 6.5 and is class [truncated]