{"vulnerability": "cve-2026-10658", "sightings": [{"uuid": "0486f7a5-ce3a-4c2e-aed4-95befce19767", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10658", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116797540252277980", "content": "Zephyr <=4.4.0 Bluetooth Host ISO path has CVE-2026-10658 (HIGH). Missing SDU header length checks can cause denial of service (kernel assert) or OOB reads if CONFIG_BT_ISO_RX is enabled. Evaluate mitigations now. https://radar.offseq.com/threat/cve-2026-10658-vulnerability-in-zephyrproject-rtos-9bbc3a2423f55b2a #OffSeq #Zephyr #CVE #Bluetooth", "creation_timestamp": "2026-06-23T04:30:31.365124Z"}, {"uuid": "ea8c9546-ff77-4df9-9225-204ba7b3b3d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-10658", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mowkw3za722p", "content": "CVE-2026-10658 (HIGH) affects Zephyr <=4.4.0 with CONFIG_BT_ISO_RX. Bluetooth ISO receive flaw can cause denial of service or OOB read. Restrict untrusted HCI ISO sources and check patch status: https://radar.offseq.com/threat/cve-2026-10658-vulnerability-in-zephyrproject-rtos-9bbc3a2423f55b2a #O...", "creation_timestamp": "2026-06-23T04:30:32.488402Z"}]}