PT-2026-43711 · Undefined · Undefined

Sermikr0

Published

2026-05-27

Updated

2026-05-27

CVE-2026-38427

CVSS v3.1

7.3

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

An issue in fetch jpg() in xdrv 10 scripter.ino in Tasmota through 15.3.0.3 allows a remote attacker to cause heap buffer overflow. The Content-Length from a JPEG stream is stored in a uint16 t variable; values above 65535 wrap around, causing allocation of a smaller buffer than the data actually read.

Exploit

Fix

Heap Based Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-122

Related Identifiers

CVE-2026-38427

Affected Products

Undefined

PT-2026-43711 · Undefined · Undefined

CVE-2026-38427

Weakness Enumeration

Related Identifiers

Affected Products

References · 3