Libmodbus Libmodbus

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Libmodbus.

By the Year

In 2025 there have been 1 vulnerability in Libmodbus with an average score of 9.8 out of ten. Last year, in 2024 Libmodbus had 5 security vulnerabilities published. Right now, Libmodbus is on track to have less security vulnerabilities in 2025 than it did last year.




Year Vulnerabilities Average Score
2025 1 9.80
2024 5 0.00
2023 0 0.00
2022 1 7.80
2021 0 0.00
2020 0 0.00
2019 2 9.10
2018 0 0.00

It may take a day or so for new Libmodbus vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Libmodbus Security Vulnerabilities

Stack-based Buffer Overflow vulnerability in libmodbus v3.1.10

CVE-2024-10918 9.8 - Critical - February 27, 2025

Stack-based Buffer Overflow vulnerability in libmodbus v3.1.10 allows to overflow the buffer allocated for the Modbus response if the function tries to reply to a Modbus request with an unexpected length.

Memory Corruption

An invalid pointer in the modbus_receive() function of libmodbus v3.1.6

CVE-2024-36845 - May 31, 2024

An invalid pointer in the modbus_receive() function of libmodbus v3.1.6 allows attackers to cause a Denial of Service (DoS) via a crafted message sent to the unit-test-server.

libmodbus v3.1.6 was discovered to contain a use-after-free via the ctx->backend pointer

CVE-2024-36844 - May 31, 2024

libmodbus v3.1.6 was discovered to contain a use-after-free via the ctx->backend pointer. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted message sent to the unit-test-server.

libmodbus v3.1.6 was discovered to contain a heap overflow

CVE-2024-36843 - May 31, 2024

libmodbus v3.1.6 was discovered to contain a heap overflow via the modbus_mapping_free() function.

libmodbus v3.1.10 is vulnerable to Buffer Overflow via the modbus_write_bits function

CVE-2024-34244 - May 08, 2024

libmodbus v3.1.10 is vulnerable to Buffer Overflow via the modbus_write_bits function. This issue can be triggered when the function is fed with specially crafted input, which leads to out-of-bounds read and can potentially cause a crash or other unintended behaviors.

libmodbus v3.1.10 has a heap-based buffer overflow vulnerability in read_io_status function in src/modbus.c.

CVE-2023-26793 - May 01, 2024

libmodbus v3.1.10 has a heap-based buffer overflow vulnerability in read_io_status function in src/modbus.c.

A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c.

CVE-2022-0367 7.8 - High - August 29, 2022

A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c.

Memory Corruption

An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5

CVE-2019-14462 9.1 - Critical - July 31, 2019

An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_COILS case, aka VD-1302.

Out-of-bounds Read

An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5

CVE-2019-14463 9.1 - Critical - July 31, 2019

An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_REGISTERS case, aka VD-1301.

Out-of-bounds Read

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Debian Linux or by Libmodbus? Click the Watch button to subscribe.

Libmodbus
Vendor

Libmodbus
Product

subscribe