sermikr0/CVE-2026-38427

Releases0

CVE-2026-38427 — Integer Wraparound → Heap Buffer Overflow in Tasmota fetch_jpg() uint16_t (Tasmota <= 15.3.0.3)

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2026-38427 ↗	May 27, 2026Wednesday, 27 May 2026, 14:16	7.3 HIGH	—
An issue in fetch_jpg() in xdrv_10_scripter.ino in Tasmota through 15.3.0.3 allows a remote attacker to cause heap buffer overflow. The Content-Length from a JPEG stream is stored in a uint16_t variable; values above 65535 wrap around, causing allocation of a smaller buffer than the data actually read.