Out-of-Bounds Read Vulnerability in libcoap Affecting CoAP Protocols
CVE-2026-29013

8.8 HIGH

Key Information:

Vendor

Libcoap

Status
Vendor
CVE Published:
17 April 2026

What is CVE-2026-29013?

libcoap contains an out-of-bounds read vulnerability in its handling of OSCORE requests, specifically in the Appendix B.2 CBOR unwrapping path. The function get_byte_inc() in src/oscore/oscore_cbor.c relies solely on assert() for bounds checking, and assert() is compiled out of release builds that define the NDEBUG flag. An attacker can therefore supply malformed OSCORE options or responses in CoAP requests that cause reads beyond the end of the buffer during CBOR parsing. The resulting consequences may include heap buffer overflow writes caused by integer wraparound during allocation size computations.
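The two defects named above, an assert()-only bounds check that vanishes under NDEBUG and an unchecked allocation-size computation, are easier to recognise side by side with their hardened forms. The following C program is an added illustration, not libcoap's code: the cursor type, the function names and the constructed CBOR byte strings are all hypothetical, and only the short length encodings of a CBOR byte string are decoded.

```c
#include <assert.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical read cursor over a CBOR-encoded buffer; an illustration,
 * not libcoap's own types or functions. */
typedef struct {
    const uint8_t *buf;
    size_t len;
    size_t pos;
} cbor_cursor;

/* Weak pattern: the only bounds check is assert(). With -DNDEBUG the
 * assert is compiled out and a short buffer is read past its end. */
static uint8_t get_byte_inc_assert_only(cbor_cursor *c)
{
    assert(c->pos < c->len);
    return c->buf[c->pos++];
}

/* Hardened form: an explicit check that survives NDEBUG. Returns 1 and
 * stores the byte on success, 0 when the buffer is exhausted. */
static int get_byte_checked(cbor_cursor *c, uint8_t *out)
{
    if (c->pos >= c->len)
        return 0;
    *out = c->buf[c->pos++];
    return 1;
}

/* Decode the length of a CBOR byte string (major type 2) for the short
 * forms: additional info 0..23 is the length itself, 24 means a one-byte
 * length follows, 25 a two-byte big-endian length. Longer forms are
 * rejected here to keep the illustration small. */
static int cbor_bstr_len_checked(cbor_cursor *c, size_t *len_out)
{
    uint8_t ib, b, hi, lo;
    if (!get_byte_checked(c, &ib) || (ib >> 5) != 2)
        return 0;                       /* truncated or not a byte string */
    uint8_t ai = ib & 0x1f;
    if (ai < 24) { *len_out = ai; return 1; }
    if (ai == 24) {
        if (!get_byte_checked(c, &b)) return 0;
        *len_out = b; return 1;
    }
    if (ai == 25) {
        if (!get_byte_checked(c, &hi) || !get_byte_checked(c, &lo)) return 0;
        *len_out = ((size_t)hi << 8) | lo; return 1;
    }
    return 0;
}

/* Return a pointer to the byte-string payload only after verifying that the
 * declared length fits in the bytes actually present; NULL otherwise. */
static const uint8_t *cbor_bstr_checked(cbor_cursor *c, size_t *len)
{
    size_t n;
    if (!cbor_bstr_len_checked(c, &n) || n > c->len - c->pos)
        return NULL;
    const uint8_t *p = c->buf + c->pos;
    c->pos += n;
    *len = n;
    return p;
}

/* Allocation-size guard: n_items * item_size + header without wraparound.
 * Returns 0 (do not allocate) if the product or the sum would overflow. */
static int alloc_size_checked(size_t n_items, size_t item_size,
                              size_t header, size_t *total)
{
    if (item_size != 0 && n_items > SIZE_MAX / item_size) return 0;
    size_t body = n_items * item_size;
    if (body > SIZE_MAX - header) return 0;
    *total = body + header;
    return 1;
}

/* Constructed samples: a well-formed 3-byte string, and a header that
 * declares 16 bytes while only 2 are present. */
static const uint8_t sample_ok[]        = {0x43, 'a', 'b', 'c'};
static const uint8_t sample_truncated[] = {0x50, 0x01, 0x02};

/* Returns the payload length accepted from a sample, or -1 if rejected. */
static long parse_sample(const uint8_t *buf, size_t len)
{
    cbor_cursor c = {buf, len, 0};
    size_t n = 0;
    return cbor_bstr_checked(&c, &n) ? (long)n : -1L;
}

int main(void)
{
    cbor_cursor c = {sample_ok, sizeof sample_ok, 0};
    size_t total;
    printf("assert-only reader, in-bounds byte: 0x%02x\n", get_byte_inc_assert_only(&c));
    printf("well-formed sample accepted length: %ld\n", parse_sample(sample_ok, sizeof sample_ok));
    printf("truncated sample result: %ld\n", parse_sample(sample_truncated, sizeof sample_truncated));
    printf("SIZE_MAX*2+8 rejected: %d\n", !alloc_size_checked(SIZE_MAX, 2, 8, &total));
    return 0;
}
```

The point of the pairing is that get_byte_checked() and alloc_size_checked() fail closed regardless of build flags, whereas get_byte_inc_assert_only() behaves correctly only while assert() is compiled in. A useful review check for any parser is to grep for assert() on attacker-controlled lengths or offsets and confirm that an explicit runtime check exists alongside it.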

Affected Version(s)

libcoap 0

References

CVSS V4

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Requirements:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Kazuma Matsumoto