CVE-2026-10066 | Shibby Tomato up to 1.28 UPS Service tomatoups.cgi sub_9068 stack-based overflow

**CVE-2026-10066 — Shibby Tomato 1.28 (tomatoups.cgi sub_9068) stack-based buffer overflow:** A critical remote stack-based overflow in the UPS Service can impact confidentiality, integrity, and availability; the vulnerability has CVSS/meta scores around 8.5–8.8, is classified as CWE-121/CWE-119, is reported as remotely exploitable with technical details available but no public exploit, affects an unsupported product superseded by FreshTomato, and an estimated exploit price is USD $0–$5k.