Researchers
Back
Sermikr0
#12416
of 53,633
21.9
Total CVSS
Vulnerabilities
·
3
High
3
PT-2026-43709
7.3
2026-05-27
Undefined
·
Undefined
·
CVE-2026-38422
Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before allows a remote attacker to execute arbitrary code via the tasmota/tasmota xdrv driver/xdrv 10 scripter.ino, fetch jpg() function.
PT-2026-43710
7.3
2026-05-27
Undefined
·
Undefined
·
CVE-2026-38426
Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before allows a remote attacker to execute arbitrary code via the xdrv 10 scripter.ino, fetch jpg(), jpg task.boundary[40], strcpy() function.
PT-2026-43711
7.3
2026-05-27
Undefined
·
Undefined
·
CVE-2026-38427
An issue in fetch jpg() in xdrv 10 scripter.ino in Tasmota through 15.3.0.3 allows a remote attacker to cause heap buffer overflow. The Content-Length from a JPEG stream is stored in a uint16 t variable; values above 65535 wrap around, causing allocation of a smaller buffer than the data actually read.