๐Ÿ” CVE Alert

CVE-2026-16225

MEDIUM 6.3

davenardella snap7 s7_peer.cpp NegotiatePDULength out-of-bounds write

CVSS Score
6.3
EPSS Score
0.0%
EPSS Percentile
0th

A security flaw has been discovered in davenardella snap7 up to 1.4.3. The impacted element is the function TSnap7Peer::NegotiatePDULength of the file src/core/s7_peer.cpp. The manipulation of the argument PDULength results in out-of-bounds write. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.

CWE CWE-787 CWE-119
Vendor davenardella
Product snap7
Published Jul 19, 2026
Stay Ahead of the Next One

Get instant alerts for davenardella snap7

Be the first to know when new medium vulnerabilities affecting davenardella snap7 are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability

Affected Versions

davenardella / snap7
1.4.0 1.4.1 1.4.2 1.4.3

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
vuldb.com: https://vuldb.com/vuln/380047 vuldb.com: https://vuldb.com/vuln/380047/cti vuldb.com: https://vuldb.com/cve/CVE-2026-16225 vuldb.com: https://vuldb.com/submit/858228 github.com: https://github.com/davenardella/snap7/issues/17 github.com: https://github.com/davenardella/snap7/

Credits

Chuan Wei ๐Ÿ” VULL (VulDB User) VULL (VulDB User)