Vulnerability Description
pupnp is an SDK for development of UPnP device and control point applications. Prior to version 1.18.5, pupnp is vulnerable to SRRF port confusion due to port truncation via atoi() cast in parse_uri(). This issue has been patched in version 1.18.5.
Related Weaknesses (CWE)
References
- https://github.com/pupnp/pupnp/commit/def5f9a2bc42f5b3d713e37c516fbe840ce54b7b
- https://github.com/pupnp/pupnp/releases/tag/release-1.18.5
- https://github.com/pupnp/pupnp/security/advisories/GHSA-q522-6w45-4j58
FAQ
What is CVE-2026-41682?
CVE-2026-41682 is a documented vulnerability. pupnp is an SDK for development of UPnP device and control point applications. Prior to version 1.18.5, pupnp is vulnerable to SRRF port confusion due to port truncation via atoi() cast in parse_uri()...
How severe is CVE-2026-41682?
CVSS scoring is not yet available for CVE-2026-41682. Check NVD for updates.
Is there a patch for CVE-2026-41682?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.