CVE-2026-37539

CRITICAL NVD

CVSS Score 9.8

Severity CRITICAL

Published May 01, 2026

Vendor unknown

Description

Buffer overflow vulnerability in cannelloni v2.0.0 in CAN frame parsing in parser.cpp in function parseCANFrame, and decoder.cpp in function decodeFrame allowing remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted CAN FD frames.

References

https://gist.github.com/sgInnora/f4ac66faeefe07a653ceeb3f58cdc381
https://github.com/mguentner/cannelloni