CVE-2026-10066 | Shibby Tomato up to 1.28 UPS Service tomatoups.cgi sub_9068 stack-based overflow

A vulnerability, which was classified as critical, has been found in Shibby Tomato up to 1.28. This issue affects the function sub_9068 of the file tomatoups.cgi of the component UPS Service. The manipulation leads to stack-based buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is documented as CVE-2026-10066. The attack can be initiated remotely. There is not any exploit available.

This project is superseded by FreshTomato.

CVE-2026-10066 | Shibby Tomato up to 1.28 UPS Service tomatoups.cgi sub_9068 stack-based overflow

Post correlati

CVE-2025-8230 | Campcodes Courier Management System 1.0 /manage_user.php ID sql injection

CVE-2025-13648 | Microcom ZeusWeb 6.1.31 My Account Page Name/Surname cross site scripting

CVE-2024-11442 | Horizontal Scroll Image Slideshow Plugin up to 10.1 on WordPress cross site scripting

CVE-2023-23730 | Brainstorm Force Spectra Plugin up to 2.3.0 on WordPress excessive authentication