CVE-2026-30278
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk41th percentile - higher than 41% of all known CVEs
Summary
An arbitrary file overwrite vulnerability in FLY is FUN Aviation Navigation v35.33 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.
Risk Assessment
The risk includes potential system compromise or sensitive data leakage, which could impact the integrity and confidentiality of the navigation system.
Recommendation
It is recommended to immediately update the application to the latest version and implement validation and restrictions for imported files.
Original NVD description (English source)
An arbitrary file overwrite vulnerability in FLY is FUN Aviation Navigation v35.33 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.

