A vulnerability was found in GALAYOU Y4 1.0.0 . It has been classified as critical . Impacted is an unknown function of the component Web Server . This manipulation causes buffer overflow. This vulnerability is tracked as CVE-2026-12192 . The attack is only possible within the local network. Moreover, an exploit is present. The vendor was contacted early about this disclosure but did not respond in any way.