Home › Vendors › Philips › Hue Bridge V2 FirmwarePhilips Hue Bridge V2 Firmware — known CVE vulnerabilities Every CVE whose affected-product data names Philips Hue Bridge V2 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9) CVE-2026-3560 — CVSS 8.8 (high) : Philips Hue Bridge HomeKit hk_hap_pair_storage_put Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability…CVE-2026-3562 — CVSS 8.8 (high) : Philips Hue Bridge hk_hap Ed25519 Signature Verification Authentication Bypass Vulnerability. This vulnerability allows network-adjacent…CVE-2026-3556 — CVSS 8.8 (high) : Philips Hue Bridge HomeKit Pair-Setup Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows…CVE-2026-3558 — CVSS 8.1 (high) : Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass Vulnerability. This vulnerability allows…CVE-2026-3559 — CVSS 8.1 (high) : Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability. This vulnerability allows network-adjacent…CVE-2026-3555 — CVSS 8.0 (high) : Philips Hue Bridge Zigbee Stack Custom Command Handler Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability…CVE-2026-3557 — CVSS 8.0 (high) : Philips Hue Bridge hap_pair_verify_handler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This…CVE-2026-3561 — CVSS 8.0 (high) : Philips Hue Bridge hk_hap characteristics Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows…CVE-2020-6007 — CVSS 7.9 (high) : Philips Hue Bridge model 2.X prior to and including version 1935144020 contains a Heap-based Buffer Overflow when handling a long ZCL…