Buffer overflow in Tp-link Systems Inc. Tapo C520ws V2.6

CVE-2026-34120

A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the asynchronous parsing of local video stream content due to insufficient alignment and validation of buffer boundaries when processing streaming…

Vulnerability class: Buffer Overflow

EPSS: 0.000 (7.3th percentile) — read the EPSS interpretation.

Affected products

Tp-link Systems Inc. Tapo C520ws V2.6 — versions 0

Weakness classification (CWE)

CWE-122 — Heap-based Buffer Overflow

References

www.tp-link.com/us/support/download/tapo-c520ws/ (patch)
www.tp-link.com/en/support/download/tapo-c520ws/ (patch)
www.tp-link.com/us/support/faq/5047/ (vendor-advisory)