CVE-2026-15690
open62541 Shared Client ua_client_connect.c responseReadNamespacesArray null pointer dereference
CVSS Score
3.1
EPSS Score
0.0%
EPSS Percentile
0th
A vulnerability was identified in open62541 up to 1.5.5. Affected by this issue is the function responseReadNamespacesArray of the file src/client/ua_client_connect.c of the component Shared Client Library. Such manipulation of the argument Server_NamespaceArray leads to null pointer dereference. The attack can be executed remotely. The attack requires a high level of complexity. The exploitation is known to be difficult. The exploit is publicly available and might be used. The project closed the issue report, stating that this is not the official way to report a security vulnerability.
| CWE | CWE-476 CWE-404 |
| Vendor | n/a |
| Product | open62541 |
| Published | Jul 14, 2026 |
| Last Updated | Jul 14, 2026 |
Stay Ahead of the Next One
Get instant alerts for n/a open62541
Be the first to know when new low vulnerabilities affecting n/a open62541 are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
n/a / open62541
1.5.0 1.5.1 1.5.2 1.5.3 1.5.4 1.5.5
References
Credits
Chuan Wei ๐ VULL (VulDB User) VULL (VulDB User) VulDB CNA Team