CVE-2026-28520
CVE-2026-28520 affects arduino-TuyaOpen prior to 1.2.1, where the WiFiMulti component contains a single-byte buffer overflow. When a device connects to an attacker-controlled AP hotspot, the overflow can be exploited to execute arbitrary code on the embedded device (remote code execution). The av...