sermikr0/CVE-2026-38426

Releases0

CVE-2026-38426 — strcpy() Stack Buffer Overflow in Tasmota fetch_jpg() boundary[40] (Tasmota <= 15.3.0.3)

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2026-38426 ↗	May 27, 2026Wednesday, 27 May 2026, 14:16	7.3 HIGH	—
Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before allows a remote attacker to execute arbitrary code via the xdrv_10_scripter.ino, fetch_jpg(), jpg_task.boundary[40], strcpy() function.