Product
A stack-based buffer overflow vulnerability, identified as CVE-2026-15544, exists in the `getupsvar` function within the `www/apcupsd/tomatodata.cgi` file of the `apcupsd` component in Shibby Tomato firmware versions up to and including 1.28.0000, allowing a remote attacker to achieve arbitrary code execution by manipulating the `Field` argument.