HIGH
Tuya
CVE published 2026-03-16
CVE-2026-28522
A null pointer dereference vulnerability exists in the WiFiUDP component of arduino-TuyaOpen before version 1.2.1. An attacker on the same local area network can trigger a denial-of-service condition by sending a large volume of malicious UDP packets. The vulnerability was published on March 16, 2026, and last modified on May 26, 2026. The issue is classified as CWE-476 (NULL Pointer Dereference) and carr [truncated]