Bacnetstack Bacnet Stack — known CVE vulnerabilities
Every CVE whose affected-product data names Bacnetstack Bacnet Stack, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2023-51773 — CVSS 9.1 (critical): BACnet Stack before 1.3.2 has a decode function APDU buffer over-read in bacapp_decode_application_data in bacapp.c.
CVE-2026-41475 — CVSS 9.1 (critical): BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in…
CVE-2026-26264 — CVSS 8.1 (high): BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0rc4 and 1.4.3rc2, a malformed…
CVE-2026-21878 — CVSS 7.5 (high): BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0.rc3, a vulnerability has been discovered…
CVE-2025-66624 — CVSS 7.5 (high): BACnet Protocol Stack library provides a BACnet application layer, network layer and media access (MAC) layer communications services…
CVE-2026-41502 — CVSS 7.5 (high): BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an off-by-one out-of-bounds read…
CVE-2026-41503 — CVSS 7.5 (high): BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in…
CVE-2026-21870 — CVSS 5.5 (medium): BACnet Protocol Stack library provides a BACnet application layer, network layer and media access (MAC) layer communications services. In…
CVE-2026-40279 — CVSS 3.7 (low): BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decode_signed32() in…