ByteOS Network

NVD Vulnerability Details :

CVE-2026-42469

Analyzed

Source-cve@mitre.org

Published At-01 May, 2026 | 17:16

Updated At-20 May, 2026 | 15:18

Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In canformat_canswitch.cpp the parser does not properly validate a CANswitch DLC value, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted CANswitch frames.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	8.6	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Type: Secondary

Version: 3.1

Base score: 8.6

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

CPE Matches

openvehicles>>open_vehicle_monitoring_system_firmware>>3.3.005

cpe:2.3:o:openvehicles:open_vehicle_monitoring_system_firmware:3.3.005:*:*:*:*:*:*:*

openvehicles>>open_vehicle_monitoring_system>>-

cpe:2.3:h:openvehicles:open_vehicle_monitoring_system:-:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-121	Secondary	134c704f-9b21-4f2e-91b3-4a467353bcc0

CWE ID: CWE-121

Type: Secondary

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

References

Hyperlink	Source	Resource
https://gist.github.com/sgInnora/f4ac66faeefe07a653ceeb3f58cdc381	cve@mitre.org	Third Party Advisory
https://github.com/openvehicles/Open-Vehicle-Monitoring-System-3/issues/1391	cve@mitre.org	Issue Tracking

Hyperlink: https://gist.github.com/sgInnora/f4ac66faeefe07a653ceeb3f58cdc381

Source: cve@mitre.org

Resource:

Third Party Advisory

Hyperlink: https://github.com/openvehicles/Open-Vehicle-Monitoring-System-3/issues/1391

Source: cve@mitre.org

Resource:

Issue Tracking

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History