CVE-2026-10069

7.5 HIGH

A vulnerability has been found in Shibby Tomato 1.28

Published: 2026-05-29 · Last updated: 2026-06-02

Severity and scoring

CVSS: 7.5 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-400, CWE-404

Description

A vulnerability has been found in Shibby Tomato 1.28. The impacted element is an unknown function of the file usr/sbin/miniupnpd. Such manipulation leads to resource consumption. The attack may be launched remotely. This project is superseded by FreshTomato. This vulnerability only affects products that are no longer supported by the maintainer.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-10069
[Other]https://gitee.com/Fengyi-Wang/CVE/issues/IJD8SP
[Other]https://vuldb.com/submit/818238
[Other]https://vuldb.com/vuln/367155
[Other]https://vuldb.com/vuln/367155/cti
[Other]https://gitee.com/Fengyi-Wang/CVE/issues/IJD8SP

Related CVEs

Same CWE

CVE-2026-41708 — In Spring Cloud Sleuth, it is possible for a user to provide specially crafted calls that may cause a denial-of-service (DoS) condition (7.5 HIGH)
CVE-2026-5079 — Impact: multer versions 1.0.0 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service via deeply nested field names in mult... (7.5 HIGH)
CVE-2026-50011 — Netty is a network application framework for development of protocol servers and clients (7.5 HIGH)
CVE-2026-48043 — Netty is a network application framework for development of protocol servers and clients (5.3 MEDIUM)
CVE-2026-47244 — Netty is a network application framework for development of protocol servers and clients (5.3 MEDIUM)