A vulnerability categorized as very critical has been discovered in zephyrproject-rtos Zephyr up to 4.3.0 . This affects the function strlen of the component WebSocket Upgrade Handler . Executing a manipulation can lead to improper null termination. The identification of this vulnerability is CVE-2026-5067 . The attack may be launched remotely. There is no exploit available.