Security: openwrt/openwrt
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
Report a vulnerability-
ACL bypass and arbitrary root file read via cgi-io cgi-downloadGHSA-jw5r-xhf5-2xcq published
Jun 29, 2026 by haukeModerate -
odhcpd/LuCI: unauthenticated DHCPv6 client can inject lease-file lines via FQDN hostname → stored XSS in the LuCI admin UIGHSA-hhmc-92hw-535f published
Jun 29, 2026 by haukeCritical -
EAD Integer Underflow → Pre-Auth Denial of ServiceGHSA-9558-77jp-g3fw published
Jun 29, 2026 by haukeModerate -
procd: Command execution via PATH environment variable filter bypassGHSA-jw28-hxcm-j934 published
Mar 19, 2026 by aparcarLow -
jsonpath: Memory leak when processing strings, labels, and regexp tokensGHSA-rcc6-v4r6-gj4m published
Mar 19, 2026 by aparcarLow -
mdnsd: Stack buffer overflow in IPv6 reverse DNS lookupGHSA-mpgh-v658-jqv5 published
Mar 19, 2026 by aparcarCritical -
mdnsd: Stack buffer overflow in DNS PTR queryGHSA-7c3j-f7w2-p8f6 published
Mar 19, 2026 by aparcarCritical -
ubusd: heap buffer overflowGHSA-cp32-65v4-cp73 published
Oct 21, 2025 by haukeHigh -
ltq-ptm: local privilege escalationGHSA-h427-frpr-7cqr published
Oct 21, 2025 by haukeHigh
Learn more about advisories related to openwrt/openwrt in the GitHub Advisory Database