What is CVE-2026-4149?

CVE-2026-4149 is a critical-severity vulnerability in Sonos Era 300, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 10.0/10. Published 2026-04-11.

How severe is CVE-2026-4149?

Critical severity. CVSS v3 base score is 10.0 out of 10.

Buffer overflow in Sonos Era 300

CVE-2026-4149

Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sonos Era 300. Authentication is not required to exploit…

Vulnerability class: Buffer Overflow

EPSS: 0.011 (77.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 10.0 (Critical). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H.

Affected products

Sonos Era 300 — versions 17.5 (build 91.0-70070)

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

ZDI-26-192 (x_research-advisory)

Frequently asked questions

What is CVE-2026-4149?: CVE-2026-4149 is a critical-severity vulnerability in Sonos Era 300, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 10.0/10. Published 2026-04-11.
How severe is CVE-2026-4149?: Critical severity. CVSS v3 base score is 10.0 out of 10.