Detections
Analytics

CVE-2026-10703

medium

Description

A security vulnerability has been detected in EIPStackGroup OpENer up to 2.3.0. Affected is the function CreateMessageRouterRequestStructure of the file cipmessagerouter.c of the component SendRRData Handler. The manipulation leads to use after free. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.

References

https://vuldb.com/vuln/368016/cti

https://vuldb.com/vuln/368016

https://vuldb.com/submit/830921

https://vuldb.com/cve/CVE-2026-10703

https://github.com/user-attachments/files/27100961/poc.zip

https://github.com/EIPStackGroup/OpENer/issues/566

https://github.com/EIPStackGroup/OpENer/

Details

Source: Mitre, NVD

Published: 2026-06-03

Updated: 2026-06-03

Risk Information

CVSS v2

Base Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 6.3

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Severity: Medium

CVSS v4

Base Score: 5.3

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Severity: Medium

EPSS

EPSS: 0.00046