A vulnerability classified as critical was found in zephyrproject-rtos Zephyr up to 4.3 . This impacts the function tls_session_store/tls_session_restore of the file subsys/net/lib/sockets/sockets_tls.c . Executing a manipulation can lead to out-of-bounds write. This vulnerability is registered as CVE-2026-5066 . It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is advised.