NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-38427

Summary	An issue in fetch_jpg() in xdrv_10_scripter.ino in Tasmota through 15.3.0.3 allows a remote attacker to cause heap buffer overflow. The Content-Length from a JPEG stream is stored in a uint16_t variable; values above 65535 wrap around, causing allocation of a smaller buffer than the data actually read.
Publication Date	May 27, 2026, 11:16 p.m.
Registration Date	May 28, 2026, 4:11 a.m.
Last Update	May 27, 2026, 11:16 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/arendst/Tasmota/blob/c207cc2/tasmota/tasmota_xdrv_driver/xdrv_10_scripter.ino	cve@mitre.org
2	https://github.com/sermikr0/CVE-2026-38427	cve@mitre.org

Common Vulnerabilities List