Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Sat, 30 May 2026 23:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Arendst
Arendst tasmota |
|
| Vendors & Products |
Arendst
Arendst tasmota |
Thu, 28 May 2026 18:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Tasmota Buffer Overflow in fetch_jpg Allows Remote Code Execution |
Thu, 28 May 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Remote Code Execution via Buffer Overflow in Tasmota Scripter fetch_jpg() | |
| Weaknesses | CWE-120 |
Thu, 28 May 2026 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-121 | |
| Metrics |
cvssV3_1
|
Wed, 27 May 2026 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Remote Code Execution via Buffer Overflow in Tasmota Scripter fetch_jpg() | |
| Weaknesses | CWE-120 |
Wed, 27 May 2026 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before allows a remote attacker to execute arbitrary code via the tasmota/tasmota_xdrv_driver/xdrv_10_scripter.ino, fetch_jpg() function. | |
| References |
|
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-05-28T13:47:04.356Z
Reserved: 2026-04-06T00:00:00.000Z
Link: CVE-2026-38422
Updated: 2026-05-28T13:47:00.149Z
Status : Deferred
Published: 2026-05-27T14:16:45.753
Modified: 2026-06-17T10:41:41.407
Link: CVE-2026-38422
No data.
OpenCVE Enrichment
Updated: 2026-05-30T21:22:36Z