Product
A critical out-of-bounds write vulnerability (CVE-2026-15545) exists in Shibby Tomato firmware up to version 1.28.0000, specifically within the `main` function of the `www/apcupsd/tomatodata.cgi` file in the `apcupsd` component, which can be exploited remotely with a publicly available exploit, posing a significant risk to affected network devices.