Vulnerabilities

This page briefly lists all of the vulnerabilities that are discovered and fixed in each release of USB Components. Please note that for the on-going issues or the issues under embargo period, the information on this page may reflect once the desired resolution has been achieved.

CVE-2025

CVE-2025-68622

Stack buffer overflow in UVC descriptor printing

Security Advisory: GHSA-g65h-9ggq-9827.
Impact: Applicable for usb_host_uvc component
Resolution: Please see advisory for details

CVE-2025-68656

USB Host HID Descriptor Use-After-Free Vulnerability

Security Advisory: GHSA-2pm2-62mr-c9x7.
Impact: Applicable for usb_host_hid component
Resolution: Please see advisory for details

CVE-2025-68657

Double-Free Race Condition in USB Host HID Device Close Path

Security Advisory: GHSA-gp8r-qjfr-gqfv.
Impact: Applicable for usb_host_hid component
Resolution: Please see advisory for details