CVE ID :CVE-2026-28527 Published : March 30, 2026, 2:16 p.m. | 1 hour, 8 minutes ago Description :BlueKitchen BTstack contains an out-of-bounds read vulnerability in the AVRCP Controller GET_PLAYER_APPLICATION_SETTING_ATTRIBUTE_TEXT and GET_PLAYER_APPLICATION_SETTING_VALUE_TEXT handlers that allows nearby attackers to read beyond packet boundaries. Attackers can establish a paired Bluetooth Classic connection and send specially crafted VENDOR_DEPENDENT responses to trigger out-of-bounds reads, causing information disclosure and potential crashes on affected devices. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more...