๐Ÿ” CVE Alert

CVE-2026-51536

CRITICAL 9.1
CVSS Score
9.1
EPSS Score
0.2%
EPSS Percentile
9th

In OpENer 2.3.0 (commit 76b95cf) when parsing incoming CIP (Common Industrial Protocol) network packets, the length parameter is inconsistently typed across the call stack. Specifically, an upstream length calculated as an int is passed to a downstream function that expects an EipInt16 (a 16-bit signed integer). If a maliciously crafted packet with specific length fields is processed, the length parameter can overflow or be truncated into a negative value. This negative length bypasses subsequent bounds checking (due to signed/unsigned comparison issues) and is ultimately used in memory operations, leading to a Stack Buffer Overflow when reading data in DecodePaddedEPath.

Vendor n/a
Product n/a
Published Jul 13, 2026
Last Updated Jul 14, 2026
Stay Ahead of the Next One

Get instant alerts for n/a n/a

Be the first to know when new critical vulnerabilities affecting n/a n/a are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

n/a / n/a
n/a

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
github.com: https://github.com/EIPStackGroup/OpENer/issues/563 gist.github.com: https://gist.github.com/MrAlaskan/e160c626a32e03e5d9eddaa732560672