NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-41682

Summary	pupnp is an SDK for development of UPnP device and control point applications. Prior to version 1.18.5, pupnp is vulnerable to SRRF port confusion due to port truncation via atoi() cast in parse_uri(). This issue has been patched in version 1.18.5.
Publication Date	May 9, 2026, 8:16 a.m.
Registration Date	May 10, 2026, 4:10 a.m.
Last Update	May 9, 2026, 8:16 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/pupnp/pupnp/commit/def5f9a2bc42f5b3d713e37c516fbe840ce54b7b	security-advisories@github.com
2	https://github.com/pupnp/pupnp/releases/tag/release-1.18.5	security-advisories@github.com
3	https://github.com/pupnp/pupnp/security/advisories/GHSA-q522-6w45-4j58	security-advisories@github.com

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-918	サーバサイドリクエストフォージェリ	https://cwe.mitre.org/data/definitions/918.html
2	CWE-195	符号付き型から符号無し型への変換エラー	https://cwe.mitre.org/data/definitions/195.html