Meshtastic Firmware
13 CVEs affecting Meshtastic Firmware. Latest disclosed: 2026-01-27. Critical: 2, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-55293 | Critical | 9.4 | 2025-08-18 | Meshtastic is an open source mesh networking solution. Prior to v2.6.3, an attacker can send NodeInfo with a empty publicKey first, then overwrite it with a ne… |
CVE-2025-24797 | Critical | 9.4 | 2025-04-14 | Meshtastic is an open source mesh networking solution. A fault in the handling of mesh packets containing invalid protobuf data can result in an attacker-contr… |
CVE-2025-55292 | High | 8.2 | 2026-01-27 | Meshtastic is an open source mesh networking solution. In the current Meshtastic architecture, a Node is identified by their NodeID, generated from the MAC add… |
CVE-2024-47078 | High | 8.1 | 2024-09-25 | Meshtastic is an open source, off-grid, decentralized, mesh network. Meshtastic uses MQTT to communicate over an internet connection to a shared or private MQT… |
CVE-2024-45038 | High | 7.5 | 2024-08-27 | Meshtastic device firmware is a firmware for meshtastic devices to run an open source, off-grid, decentralized, mesh network built to run on affordable, low-po… |
CVE-2024-47079 | Medium | 6.4 | 2024-10-07 | Meshtastic is an open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices. Meshtastic firmware is an open source firmwa… |
CVE-2025-53627 | Medium | 5.3 | 2025-12-29 | Meshtastic is an open source mesh networking solution. The Meshtastic firmware (starting from version 2.5) introduces asymmetric encryption (PKI) for direct me… |
CVE-2024-51500 | Medium | 5.3 | 2024-11-04 | Meshtastic firmware is a device firmware for the Meshtastic project. The Meshtastic firmware does not check for packets claiming to be from the special broadca… |
CVE-2025-24798 | Medium | 4.3 | 2025-07-10 | Meshtastic is an open source mesh networking solution. From 1.2.1 until 2.6.2, a packet sent to the routing module that contains want_response==true causes a c… |
CVE-2025-53637 | Medium | 4.1 | 2025-07-10 | Meshtastic is an open source mesh networking solution. The main_matrix.yml GitHub Action is triggered by the pull_request_target event, which has extensive per… |
CVE-2024-47065 | | 2025-07-11 | Meshtastic is an open source mesh networking solution. Prior to 2.5.1, traceroute responses from the remote node are not rate limited. Given that there are SNR… | |
CVE-2025-52464 | | 2025-06-19 | Meshtastic is an open source mesh networking solution. In versions from 2.5.0 to before 2.6.11, the flashing procedure of several hardware vendors was resultin… | |
CVE-2025-21608 | | 2025-02-18 | Meshtastic is an open source mesh networking solution. In affected firmware versions crafted packets over MQTT are able to appear as a DM in client to a node e… |