Meshtastic Security Vulnerabilities (CVEs)

Track 9 security vulnerabilities affecting Meshtastic products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

2 Critical

4 High

3 Medium

Sort by:

🔔 Get Alerts for Meshtastic

CVE-2025-55292 8.2

This vulnerability allows attackers to impersonate legitimate nodes in Meshtastic mesh networks by forging NodeInfo packets that claim HAM mode is ena...

Jan 28, 2026

CVE-2025-53627 5.3

This CVE describes a downgrade attack vulnerability in Meshtastic firmware where direct messages can be silently decrypted using legacy symmetric encr...

Dec 29, 2025

CVE-2025-55293 9.4

This vulnerability allows an attacker to impersonate legitimate nodes in a Meshtastic mesh network by manipulating public key assignments. Attackers c...

Aug 18, 2025

CVE-2024-47065 6.5

This vulnerability in Meshtastic allows attackers to abuse traceroute functionality to force remote nodes to continuously respond, enabling rapid coll...

Jul 11, 2025

CVE-2025-53637 4.1

This CVE describes a command injection vulnerability in Meshtastic's GitHub Actions workflow that allows attackers to execute arbitrary code in the CI...

Jul 10, 2025

CVE-2025-52464 8.3

This vulnerability in Meshtastic firmware allows attackers to decrypt direct messages when they have compiled a list of compromised cryptographic keys...

Jun 19, 2025

CVE-2025-24797 9.4

CVE-2025-24797 is a critical buffer overflow vulnerability in Meshtastic firmware that allows unauthenticated attackers to execute arbitrary code on a...

Apr 15, 2025

CVE-2024-47078 8.1

CVE-2024-47078 is an authentication and authorization bypass vulnerability in Meshtastic's MQTT implementation that allows unauthorized control of MQT...

Sep 25, 2024

CVE-2024-45038 7.5

This CVE describes a denial-of-service vulnerability in Meshtastic device firmware's MQTT handling. Attackers can crash devices by sending malicious M...

Aug 27, 2024

Why Monitor Meshtastic Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 9+ known vulnerabilities affecting Meshtastic products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Meshtastic packages in under 60 seconds. No agents required - completely agentless scanning that works across Meshtastic deployments.

Free vulnerability database: Access detailed information about every Meshtastic CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

Register free account & add your servers
Run one-time scan or schedule automatic monitoring (every 1-24 hours)
Receive instant alerts when new Meshtastic CVEs affect your systems
Access dashboard with severity breakdown & fix instructions

Start Monitoring Meshtastic CVEs Free