CVE-2026-23747: CWE-121 Stack-based Buffer Overflow in Golioth Firmware SDK
Golioth Firmware SDK versions from 0.10.0 up to but not including 0.22.0 (fixed in commit 48f521b) contain a stack-based buffer overflow in Payload Utils. The golioth_payload_as_int() and golioth_payload_as_float() helpers copy network-supplied payload data into fixed-size stack buffers using memcpy() with a length derived from payload_size. The only length checks are guarded by assert(); in release builds, the asserts are compiled out and memcpy() may copy an unbounded payload_size. Payloads larger than 12 bytes (int) or 32 bytes (float) can overflow the stack, resulting in a crash/denial of service. This is reachable via LightDB State on_payload with a malicious server or MITM.
AI Analysis
Technical Summary
CVE-2026-23747 is a stack-based buffer overflow vulnerability identified in the Golioth Firmware SDK, specifically in versions before 0.22.0, with version 0.10.0 confirmed affected. The vulnerability arises from improper handling of network-supplied payload data in the functions golioth_payload_as_int() and golioth_payload_as_float(). These functions copy payload data into fixed-size stack buffers using memcpy(), with the length parameter derived directly from the payload_size. While asserts check the payload size, these are compiled out in release builds, removing any effective bounds checking. Consequently, if a payload larger than 12 bytes (for int) or 32 bytes (for float) is received, it can overflow the stack buffer, potentially overwriting adjacent stack memory. This can cause application crashes or denial of service conditions. The vulnerability is reachable through the LightDB State on_payload mechanism, meaning an attacker controlling the server or positioned as a man-in-the-middle can send malicious payloads to trigger the overflow. The vulnerability is classified under CWE-121 (stack-based buffer overflow) and has a CVSS 4.0 base score of 6.3, indicating medium severity. Exploitation does not require authentication or user interaction, increasing the risk surface. No public exploits have been reported yet, but the flaw was fixed in commit 48f521b in version 0.22.0 of the SDK. The issue highlights the risk of relying on asserts for security-critical checks that are disabled in production builds.
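The pattern described above, reconstructed as an added example (not the Golioth SDK's source): a helper whose only bound on memcpy() is an assert(), next to a hardened version whose runtime check survives -DNDEBUG. Names such as payload_as_int_vulnerable, copy_payload_bounded and payload_as_int_or are hypothetical; the 12-byte buffer comes from the advisory, and the example assumes it must also hold a NUL terminator, so 12 bytes or more is rejected.

```c
#include <assert.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
/* Buffer size for the int helper, as stated in the advisory (12 bytes). */
#define INT_BUF_LEN 12

/* Vulnerable pattern (a reconstruction, not the SDK's source): the only bound
 * on memcpy() is an assert(), which -DNDEBUG strips from release builds. */
static int32_t payload_as_int_vulnerable(const uint8_t *payload, size_t payload_size)
{
    char buf[INT_BUF_LEN];
    assert(payload_size < sizeof(buf));   /* absent in release builds */
    memcpy(buf, payload, payload_size);   /* unbounded copy once the assert is gone */
    buf[payload_size] = '\0';
    return (int32_t)strtol(buf, NULL, 10);
}

/* Hardened helper: a runtime bounds check that survives NDEBUG. Copies the
 * payload into buf as a NUL-terminated string, or refuses without copying. */
static bool copy_payload_bounded(char *buf, size_t buf_len,
                                 const uint8_t *payload, size_t payload_size)
{
    if (buf == NULL || payload == NULL || payload_size >= buf_len) return false;
    memcpy(buf, payload, payload_size);   /* payload_size <= buf_len - 1 here */
    buf[payload_size] = '\0';
    return true;
}

/* Hardened int helper: reports failure instead of trusting payload_size.
 * The float variant is the same shape with a 32-byte buffer and strtof(). */
static bool payload_as_int_checked(const uint8_t *payload, size_t payload_size, int32_t *out)
{
    char buf[INT_BUF_LEN];
    char *end = NULL;
    if (out == NULL || !copy_payload_bounded(buf, sizeof(buf), payload, payload_size)) return false;
    long v = strtol(buf, &end, 10);
    if (end == buf || *end != '\0' || v < INT32_MIN || v > INT32_MAX) return false;
    *out = (int32_t)v;
    return true;
}

/* Convenience wrapper: parsed value on success, caller-supplied fallback on rejection. */
static int32_t payload_as_int_or(const uint8_t *payload, size_t payload_size, int32_t fallback)
{
    int32_t v = 0;
    return payload_as_int_checked(payload, payload_size, &v) ? v : fallback;
}
```

The hardened path rejects an oversize payload before any copy happens, which turns the release-build overflow into a clean parse failure the caller can log.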
Potential Impact
The primary impact of CVE-2026-23747 is the potential for denial of service via application crashes caused by stack buffer overflow. While the advisory does not mention arbitrary code execution, stack overflows can sometimes be leveraged for code execution or control-flow hijacking, depending on the environment and exploit complexity. For organizations deploying IoT devices or embedded systems using the Golioth Firmware SDK, this vulnerability could disrupt device operation, leading to service outages or degraded functionality. Since the flaw is triggerable remotely via network payloads without authentication, attackers could target large numbers of devices to cause widespread disruption. This may affect critical infrastructure or industrial IoT deployments relying on the Golioth SDK, impacting operational continuity and potentially safety. The absence of known exploits reduces immediate risk, but the medium severity score and ease of triggering the overflow warrant prompt remediation. Additionally, compromised devices could be used as entry points for further attacks within organizational networks.
Mitigation Recommendations
To mitigate CVE-2026-23747, organizations should upgrade all affected Golioth Firmware SDK instances to version 0.22.0 or later, where the vulnerability has been fixed. If immediate upgrade is not feasible, implement network-level protections such as filtering or validating payload sizes before they reach vulnerable functions. Employ secure communication channels (e.g., TLS) to prevent man-in-the-middle attacks that could inject malicious payloads. Review and enhance input validation in custom code interacting with the SDK to enforce strict payload size limits. Enable compiler security features such as stack canaries, address space layout randomization (ASLR), and control-flow integrity (CFI) to reduce exploitation risk. Conduct thorough testing of firmware releases to detect buffer overflows and other memory safety issues. Monitor device logs and network traffic for anomalous payloads or crashes indicative of exploitation attempts. Finally, coordinate with Golioth support and subscribe to security advisories to stay informed about patches and vulnerability disclosures.
Affected Countries
United States, Germany, Japan, South Korea, China, United Kingdom, France, Canada, Australia, Netherlands
Technical Details
- Data Version: 5.2
- Assigner Short Name: VulnCheck
- Date Reserved: 2026-01-15T18:42:20.937Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 69a0a1c885912abc71d0baa9
Added to database: 2/26/2026, 7:40:56 PM
Last enriched: 2/26/2026, 8:08:49 PM
Last updated: 2/27/2026, 3:45:35 AM