CVE-2026-28519 | Tuya arduino-TuyaOpen up to 1.2.0 DnsServer heap-based overflow

Inserito da Angelo Barbosa | Mar 15, 2026 | CVE

A vulnerability classified as critical has been found in Tuya arduino-TuyaOpen up to 1.2.0. This affects an unknown part of the component DnsServer. This manipulation causes heap-based buffer overflow.

This vulnerability appears as CVE-2026-28519. The attacker needs to be present on the local network. There is no available exploit.

It is recommended to upgrade the affected component.

CVE-2026-28519 | Tuya arduino-TuyaOpen up to 1.2.0 DnsServer heap-based overflow

Post correlati

CVE-2026-21409 | Ricoh Streamline NX 3.5.1 authorization (ricoh-2025-000011)

CVE-2024-39744 | IBM Sterling Connect Direct Web Services 6.0/6.1/6.2/6.3 cross-site request forgery (XFDB-297236)

CVE-2024-30560 | 大侠WP DX-Watermark Plugin up to 1.0.4 on WordPress cross-site request forgery

CVE-2024-50206 | Linux Kernel up to 6.11.5 mtk_eth_soc memory corruption (68cd084e3ec1/88806efc034a)