Tuya Arduino-tuyaopen
4 CVEs affecting Tuya Arduino-tuyaopen. Latest disclosed: 2026-03-16. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-28519 | High | 8.8 | 2026-03-15 | arduino-TuyaOpen before version 1.2.1 contains a heap-based buffer overflow vulnerability in the DnsServer component. An attacker on the same local area networ… |
CVE-2026-28520 | High | 8.4 | 2026-03-15 | arduino-TuyaOpen before version 1.2.1 contains a single-byte buffer overflow vulnerability in the WiFiMulti component. When the victim's smart hardware connect… |
CVE-2026-28521 | High | 7.7 | 2026-03-15 | arduino-TuyaOpen before version 1.2.1 contains an out-of-bounds memory read vulnerability in the TuyaIoT component. An attacker who hijacks or controls the Tuy… |
CVE-2026-28522 | Medium | 6.5 | 2026-03-16 | arduino-TuyaOpen before version 1.2.1 contains a null pointer dereference vulnerability in the WiFiUDP component. An attacker on the same local area network ca… |