PatchSiren

openwrt CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM openwrt CVE published 2026-07-07

CVE-2026-55490

CVE-2026-55490 is an integer underflow vulnerability in OpenWrt's Emergency Access Daemon. Before v25.12.5, an unauthenticated attacker on the local network can crash the daemon by sending a single crafted UDP packet. The message length underflows before a bounds check and is then passed to memcpy as a very large size. This issue is fixed in v25.12.5. The vulnerability has a CVSS score of 6.5 and is class [truncated]