cbcvebase.
CVE-2026-20408
published 2026-02-02

CVE-2026-20408: In wlan, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote (proximal/adjacent) escalation of privilege with no…

PriorityP353high8.8CVSS 3.1
AVAACLPRNUINSUCHIHAH
EPSS
0.27%
18.2th percentile
In wlan, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00461651; Issue ID: MSV-4758.

Affected

10 ranges
VendorProductVersion rangeFixed in
mediateksoftware_development_kit<= 7.6.7.2
mediatek_incmediatek_chipset
mediatek_incmediatek_chipset
mediatek_incmediatek_chipset
mediatek_incmediatek_chipset
mediatek_incmediatek_chipset
mediatek_incmediatek_chipset
openwrtopenwrt
openwrtopenwrt
openwrtopenwrt
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.