CVE-2026-10873EPSS p84.0%

CVE-2026-10873CVE-2026-10873

Description

A vulnerability was determined in Shibby Tomato 1.28.0000. Impacted is the function rstats_path of the file /bin/rstats of the component Web UI. Executing a manipulation can lead to os command injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. This project is superseded by FreshTomato.

Scoring

CVSS 7.2 ()
VectorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS2.70% probability of exploitation · percentile 84.0% · 2026-06-19T12:03:05Z
Last modified2026-06-05

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-10872
CVE
CVE-2026-10870
CVE
CVE-2026-10871
CVE
CVE-2026-10124
CVE
CVE-2026-10069
CVE
CVE-2026-5976
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.