Tag
A remote out-of-bounds write vulnerability, CVE-2026-16095, affects Shibby Tomato firmware version 1.28 RT-N5x MIPSR2 Build 124, where manipulating the `ct_tcp_timeout` argument in the `setup_conntrack` function of `/sbin/rc` can lead to memory corruption, potentially allowing arbitrary code execution or denial of service.