CVE-2025-50518

Published: Aug 14, 2025

Modified: Sep 11, 2025

PUBLISHED

Description

A use-after-free vulnerability exists in the coap_delete_pdu_lkd function within coap_pdu.c of the libcoap library. This issue occurs due to improper handling of memory after the freeing of a PDU object, leading to potential memory corruption or the possibility of executing arbitrary code. NOTE: this is disputed by the Supplier because it only occurs when an application uses libcoap incorrectly.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/IreneTheITCrowd/blog/blob/main/libcoap-vulnerability.md

https://github.com/IreneTheITCrowd/blog/issues/1

https://github.com/obgm/libcoap/issues/1724#issuecomment-3199631257

https://github.com/obgm/libcoap/issues/1724#issuecomment-3234613482

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-50518

Description

Affected Products

References