,

Vulnerability Watch No2

🛡️
Remote Buffer Overflow in Shibby Tomato Scheduler

Anyone still running Shibby Tomato should migrate or patch as soon as possible. The vulnerability is remotely reachable and should be treated as high priority.
CVE-2026-16097 is a stack-based buffer overflow vulnerability in the Scheduler Name Handler component of Shibby Tomato 1.28. The flaw affects the function sub_42537C and can be triggered remotely through manipulation of the argument a1. It is rated CVSS 8.8 HIGH, and the project has been superseded by FreshTomato.
🔗 Read more 🔗
Source: NVD

🌐
Remote Stack Overflow Found in Shibby Tomato

Organizations still using this firmware should upgrade or migrate promptly. Remote attack capability makes this a high-priority fix.
CVE-2026-16096 affects Shibby Tomato 1.28 RT-N5x MIPSR2 Build 124 with a stack-based buffer overflow in the function sub_40BB50 handling /proc/webmon_recent_domains. The vulnerability can be exploited remotely. It carries a CVSS 8.8 HIGH rating, and the project has been superseded by FreshTomato.
🔗 Read more 🔗
Source: NVD

⚠️
Out-of-Bounds Write Threatens Shibby Tomato Routers

Patch or replace affected firmware without delay. Remote exploitation potential makes this an important remediation item.
CVE-2026-16095 is an out-of-bounds write vulnerability in Shibby Tomato 1.28 RT-N5x MIPSR2 Build 124. The flaw affects setup_conntrack in /sbin/rc and can be triggered remotely by manipulating the ct_tcp_timeout argument. It has a CVSS 8.8 HIGH severity rating, and the project is superseded by FreshTomato.
🔗 Read more 🔗
Source: NVD

📂
Directory Traversal Bug Hits VMware Avi Load Balancer

Administrators should upgrade to the fixed versions as soon as practical. Authenticated users could abuse this flaw to access unintended files.
CVE-2026-47871 is a directory traversal vulnerability in VMware Avi Load Balancer. Improper file path validation allows authenticated network users to perform directory traversal attacks. The issue is rated CVSS 8.8 HIGH and has fixes available for affected release branches.
🔗 Read more 🔗
Source: NVD

🚨
Privilege Escalation Can Lead to Remote Code Execution

Apply the vendor fixes promptly, especially in environments with multiple administrative users. The combination of privilege escalation and code execution increases operational risk.
CVE-2026-47870 affects VMware Avi Load Balancer with a privilege escalation vulnerability. An authenticated user with network access may be able to execute remote code. The vulnerability has a CVSS 7.1 HIGH rating and patched versions are available.
🔗 Read more 🔗
Source: NVD

💥
Remote Code Execution Flaw in VMware Avi

Patch affected systems quickly because authenticated attackers could gain code execution. Prioritize internet-facing or shared administrative deployments.
CVE-2026-47869 is a remote code execution vulnerability in VMware Avi Load Balancer. An authenticated network user may be able to inject and execute code. The issue is rated CVSS 8.7 HIGH and fixed releases are available.
🔗 Read more 🔗
Source: NVD

🔒
Local Privilege Escalation to Root in VMware Avi

Patch systems where local access is possible. This is especially relevant for shared or multi-user environments.
CVE-2026-47868 is a local privilege escalation vulnerability in VMware Avi Load Balancer. A local attacker may elevate privileges and execute code as root. It is rated CVSS 7.8 HIGH and corrected in updated releases.
🔗 Read more 🔗
Source: NVD


Network RCE Exposes VMware Avi Control Plane

This deserves rapid patching, particularly for exposed management infrastructure. Remote code execution against the control plane presents significant risk.
CVE-2026-47867 is a remote code execution vulnerability affecting VMware Avi Load Balancer. A malicious network user may access the Avi Control Plane and execute code remotely. The vulnerability carries a CVSS 8.7 HIGH rating with vendor fixes available.
🔗 Read more 🔗
Source: NVD

🔓
Authorization Bypass Impacts VMware Avi

Upgrade affected installations to remove unauthorized access paths. Even limited control plane exposure can aid follow-on attacks.
CVE-2026-47866 is an authorization bypass vulnerability in VMware Avi Load Balancer. A network attacker can access a limited subset of the Avi Control Plane without proper authorization. The flaw is rated CVSS 8.3 HIGH and has been addressed in updated versions.
🔗 Read more 🔗
Source: NVD

🚨
Critical Authentication Bypass in VMware Avi

Treat this as an emergency patching priority. Authentication bypass on management infrastructure carries severe operational risk.
CVE-2026-47865 is an authentication bypass vulnerability affecting VMware Avi Load Balancer. A network attacker may gain access to the Avi Control Plane by bypassing authentication. The issue is rated CVSS 9.8 CRITICAL and patched releases are available.
🔗 Read more 🔗
Source: NVD

🌍
Public SSRF Exploit Targets Sipeed PicoClaw

Patch immediately if you run affected versions. The availability of a public exploit raises the urgency even though active exploitation is not stated.
CVE-2026-16084 is a server-side request forgery vulnerability in Sipeed PicoClaw up to version 0.2.9. The flaw affects the web_fetch function in pkg/tools/integration/web.go and can be exploited remotely. It is rated CVSS 7.3 HIGH, and a public exploit is available alongside a recommended patch.
🔗 Read more 🔗
Source: NVD

🖥️
JLine Telnet Module Vulnerable to CPU Exhaustion

Developers and operators using the JLine remote-telnet module should upgrade promptly. Internet-accessible Telnet services are the highest priority.
CVE-2026-56741 affects the JLine Java library before versions 3.30.14, 4.0.16, and 4.2.1. An unauthenticated attacker can abuse oversized Telnet terminal dimensions to trigger excessive rendering work, leading to CPU exhaustion and denial of service. The vulnerability has a CVSS 7.5 HIGH rating and is fixed in the listed releases.
🔗 Read more 🔗
Source: NVD