CVE Catalog

CVE-2026-30278

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.53%

41th percentile - higher than 41% of all known CVEs

Summary

An arbitrary file overwrite vulnerability in FLY is FUN Aviation Navigation v35.33 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.

Risk Assessment

The risk includes potential system compromise or sensitive data leakage, which could impact the integrity and confidentiality of the navigation system.

Recommendation

It is recommended to immediately update the application to the latest version and implement validation and restrictions for imported files.

Original NVD description (English source)

An arbitrary file overwrite vulnerability in FLY is FUN Aviation Navigation v35.33 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS