A vulnerability marked as critical has been reported in zephyrproject zephyr up to 4.4.x . Impacted is the function recvmsg of the file subsys/net/lib/sockets/sockets_inet.c of the component Supervisor Mode . Performing a manipulation results in out-of-bounds write. This vulnerability is identified as CVE-2026-10643 . The attack is only possible with local access. There is not any exploit available. It is suggested to upgrade the affected component.