CVE-2026-10065

Sažetak

A weakness has been identified in Shibby Tomato 1.28. This vulnerability affects the function get_ups_field of the file tomatodata.cgi. Executing a manipulation of the argument Date can lead to stack-based buffer overflow. It is possible to launch the attack remotely. This project is superseded by FreshTomato. This vulnerability only affects products that are no longer supported by the maintainer.

Reference

https://gitee.com/Fengyi-Wang/CVE/issues/IJK7BC
https://vuldb.com/submit/818144
https://vuldb.com/vuln/367151
https://vuldb.com/vuln/367151/cti
https://gitee.com/Fengyi-Wang/CVE/issues/IJK7BC
https://vuldb.com/submit/818144

CVSS

Base:	9.0
Impact:	10.0
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Zadnje važnije ažuriranje

29-05-2026 - 19:16

Objavljeno

29-05-2026 - 16:16