CVE-2026-31280

medium

Published 2026-04-13 · Modified 2026-05-10

CVSS v3

6.5

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2

—

VIR risk

6.5

Description

An issue in the Bluetooth RFCOMM service of Parani M10 Motorcycle Intercom v2.1.3 allows unauthorized attackers to cause a Denial of Service (DoS) via supplying crafted RFCOMM frames.

Predictions

Exploit likelihood

65%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

https://amoebatech.gitbook.io/amoebatech-docs/cve-2026-31280-insecure-bluetooth-rfcomm-leading-to-device-crash-in-parani-m10-intercom
https://nvd.nist.gov/vuln/detail/cve-2023-4586
https://nvd.nist.gov/vuln/detail/cve-2025-20701

CWEs

CWE-120

Verify integrity in audit chain (admin only). AS-IS.