EUVD-2026-14179

🗓️ 24 Mar 2026 19:20:53Reported by EUVDType

NiceGUI's unvalidated chunk size in media routes can cause memory exhaustion.

Reporter	Title	Published	Views	Family All 40
ATTACKERKB	CVE-2026-33331	24 Mar 202619:18	–	attackerkb
ATTACKERKB	CVE-2026-33332	24 Mar 202619:20	–	attackerkb
ATTACKERKB	CVE-2026-3333	21 Mar 202603:26	–	attackerkb
Circl	CVE-2026-3333	21 Mar 202603:17	–	circl
Circl	CVE-2026-33331	20 Mar 202600:13	–	circl
Circl	CVE-2026-33332	24 Mar 202619:16	–	circl
CNNVD	WordPress plugin MinhNhut Link Gateway 跨站脚本漏洞	21 Mar 202600:00	–	cnnvd
CNNVD	orpc 跨站脚本漏洞	24 Mar 202600:00	–	cnnvd
CNNVD	NiceGUI 安全漏洞	24 Mar 202600:00	–	cnnvd
CVE	CVE-2026-3333	21 Mar 202603:26	–	cve

[
  {
    "enisaIdVendor": [
      {
        "id": "3fb055d0-fcb9-3d9a-9ae3-0a663114de88",
        "vendor": {
          "name": "zauberzeug"
        }
      },
      {
        "id": "6f1c6310-3aaf-399b-bc0e-7ad980ddb9f4",
        "vendor": {
          "name": "minhnhut"
        }
      },
      {
        "id": "d1db203e-b8eb-31b2-a391-fe38eacbddee",
        "vendor": {
          "name": "middleapi"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "0e549247-41dc-37d0-aa38-9104c5b930ee",
        "product": {
          "name": "nicegui"
        },
        "product_version": "< 3.9.0"
      },
      {
        "id": "7531bcf7-8887-321c-9105-53315767a55d",
        "product": {
          "name": "MinhNhut Link Gateway"
        },
        "product_version": "* ≤3.6.1"
      },
      {
        "id": "eeeda329-f31a-3396-b733-5c2361b232a4",
        "product": {
          "name": "orpc"
        },
        "product_version": "< 1.13.9"
      }
    ]
  }
]

Source	Link
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/91f45973-5a98-4fdd-88fd-83b95f6d77e7
plugins	www.plugins.trac.wordpress.org/browser/minhnhut-link-gateway/trunk/classes.php
plugins	www.plugins.trac.wordpress.org/browser/minhnhut-link-gateway/trunk/templates/default/index.php
github	www.github.com/middleapi/orpc/security/advisories/GHSA-7f6v-3gx7-27q8
github	www.github.com/zauberzeug/nicegui/security/advisories/GHSA-w5g8-5849-vj76
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-3333
github	www.github.com/middleapi/orpc/commit/4f0efa8a1d3fa8e8317a4b03cc3945a5dfd68add
github	www.github.com/middleapi/orpc/releases/tag/v1.13.9
github	www.github.com/zauberzeug/nicegui/commit/9026962b8c4f3f225c98b2fbc35aa6b60cb3495b
github	www.github.com/zauberzeug/nicegui/releases/tag/v3.9.0

24 Mar 2026 19:20Current

5.7Medium risk

Vulners AI Score5.7

CVSS 46.9

CVSS 3.18.2

EPSS0.00043

SSVC