CRITICALCVE-2026-30278Published 2026-03-31Modified 2026-04-02CNA mitre

CVE-2026-30278: An arbitrary file overwrite vulnerability in FLY is FUN Aviation Navigation v35

An arbitrary file overwrite vulnerability in FLY is FUN Aviation Navigation v35.33 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.

CVSS v3.1: 9.8
Severity: CRITICAL
Fixed in: —
Affected Products: 1

Affected packages

n/a / n/a
n/a

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

fly.com
secsys.fudan.edu.cn
funair.cz

Metrics