NULL-pointer Deref esp_http_server WebSocket (ESF-IDF 6.0)
CVE-2026-45541 Published on June 10, 2026
ESF-IDF: Remote Null Pointer Dereference in WebSocket Server
ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a NULL-pointer dereference exists in the WebSocket subprotocol-negotiation path of the esp_http_server component. While parsing the client-supplied Sec-WebSocket-Protocol request header during the WebSocket handshake, the tokenisation result is dereferenced without a NULL check, so a malformed header value can crash the server before any application-level authentication runs. This issue has been patched in versions 5.2.7, 5.3.6, 5.4.5, 5.5.5, and 6.0.1.
Vulnerability Analysis
CVE-2026-45541 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Weakness Type
NULL Pointer Dereference
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. NULL pointer dereference issues can occur through a number of flaws, including race conditions, and simple programming omissions.
Products Associated with CVE-2026-45541
Want to know whenever a new CVE is published for Espressif Esp Idf? stack.watch will email you.
Affected Versions
espressif esp-idf:- Version = 6.0 is affected.
- Version = 5.5.4 is affected.
- Version = 5.4.4 is affected.
- Version = 5.3.5 is affected.
- Version = 5.2.6 is affected.