CVE-2026-10065 | Shibby Tomato 1.28 tomatodata.cgi get_ups_field Date stack-based overflow
ID: 7d90b0e2-771b-51a8-824f-ffd623a8b4ea
STIX ID: report--7d90b0e2-771b-51a8-824f-ffd623a8b4ea
Feed Name: VulDB Recent Entries
Threat Score
Critical stack-based buffer overflow (CVE-2026-10065) in Shibby Tomato 1.28's tomatodata.cgi (get_ups_field) can be triggered remotely via the Date parameter and impacts confidentiality, integrity, and availability; VulDB lists CVSS base ~8.8 and temporal ~8.5, exploitation is described as easy though no public exploit exists, the firmware is unsupported and superseded by FreshTomato, and no mitigations are documented.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.