PT-2026-36516 · Unknown · Open-Sae-J1939

Feng Ning

Published

2026-05-01

Updated

2026-05-05

CVE-2026-42467

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Open-SAE-J1939 versions prior to commit b6caf884df46435e539b1ecbf92b6c29b345bdfe

Description A denial of service can be triggered via a crafted CAN frame on the J1939 bus within the SAE J1939 Read Binary Data Transfer DM16() function.

Recommendations Update to a version following commit b6caf884df46435e539b1ecbf92b6c29b345bdfe. As a temporary workaround, consider restricting access to the SAE J1939 Read Binary Data Transfer DM16() function to minimize the risk of exploitation.

Fix

DoS

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

CVE-2026-42467

Affected Products

Open-Sae-J1939

PT-2026-36516 · Unknown · Open-Sae-J1939

CVE-2026-42467

Weakness Enumeration

Related Identifiers

Affected Products

References · 5