A vulnerability, which was classified as critical , has been found in TP-Link Tapo C520WS 2.6 . This impacts an unknown function of the component HTTP Parser . Performing a manipulation results in heap-based buffer overflow. This vulnerability is reported as CVE-2026-34119 . The attacker must have access to the local network to execute the attack. No exploit exists.