CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-4526

In EmberZNet v9.0.2 and earlier, malformed global ZCL messages can trigger out-of-bounds reads in framework parsing logic and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observed.

Exploit prediction scoring system (EPSS) score

CVSS Severity

CVSS v3 Score 6.5

References

https://github.com/SiliconLabsSoftware/sisdk-release/
https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/069Vm00000pEGPQIA4?operationContext=S1

Products affected by CVE-2026-4526

Silabs » Emberznet » Version: 1.0.0

cpe:2.3:a:silabs:emberznet:1.0.0
Silabs » Emberznet » Version: 7.1.3

cpe:2.3:a:silabs:emberznet:7.1.3
Silabs » Emberznet » Version: 7.1.5

cpe:2.3:a:silabs:emberznet:7.1.5
Silabs » Emberznet » Version: 7.2.0

cpe:2.3:a:silabs:emberznet:7.2.0
Silabs » Emberznet » Version: 7.2.3

cpe:2.3:a:silabs:emberznet:7.2.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-4526

Products

Pricing

Contact Us