Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1083 matches found

NVD
NVDadded 2026/04/01 9:16 p.m.2 views

CVE-2026-22815

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, insufficient restrictions in header/trailer handling could cause uncapped memory usage. This issue has been patched in version 3.13.4...

7.5CVSS0.0002EPSS
Exploits0References3
UbuntuCve
UbuntuCveadded 2026/04/01 9:16 p.m.1 views

CVE-2026-34513

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an unbounded DNS cache could result in excessive memory usage possibly resulting in a DoS situation. This issue has been patched in version 3.13.4...

7.5CVSS5.8AI score0.0002EPSS
Exploits0References4
UbuntuCve
UbuntuCveadded 2026/04/01 9:16 p.m.2 views

CVE-2026-34514

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an attacker who controls the contenttype parameter in aiohttp could use this to inject extra headers or similar exploits. This issue has been patched in version 3.13.4...

6.9CVSS5.8AI score0.00015EPSS
Exploits0References4
UbuntuCve
UbuntuCveadded 2026/04/01 9:16 p.m.1 views

CVE-2026-34515

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, on Windows the static resource handler may expose information about a NTLMv2 remote path. This issue has been patched in version 3.13.4...

8.7CVSS5.9AI score0.00021EPSS
Exploits0References4
OSV
OSVadded 2026/04/01 9:16 p.m.0 views

UBUNTU-CVE-2026-34514

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an attacker who controls the contenttype parameter in aiohttp could use this to inject extra headers or similar exploits. This issue has been patched in version 3.13.4...

6.9CVSS5.7AI score0.00015EPSS
Exploits0References5
OSV
OSVadded 2026/04/01 9:16 p.m.2 views

UBUNTU-CVE-2026-34517

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, for some multipart form fields, aiohttp read the entire field into memory before checking clientmaxsize. This issue has been patched in version 3.13.4...

6.9CVSS5.7AI score0.00019EPSS
Exploits0References5
UbuntuCve
UbuntuCveadded 2026/04/01 9:16 p.m.1 views

CVE-2026-34516

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, a response with an excessive number of multipart headers may be allowed to use more memory than intended, potentially allowing a DoS vulnerability. This issue has been patched in version 3.13....

8.7CVSS5.8AI score0.0002EPSS
Exploits0References4
UbuntuCve
UbuntuCveadded 2026/04/01 9:16 p.m.1 views

CVE-2026-22815

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, insufficient restrictions in header/trailer handling could cause uncapped memory usage. This issue has been patched in version 3.13.4...

7.5CVSS5.9AI score0.0002EPSS
Exploits0References4
OSV
OSVadded 2026/04/01 9:16 p.m.0 views

UBUNTU-CVE-2026-34515

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, on Windows the static resource handler may expose information about a NTLMv2 remote path. This issue has been patched in version 3.13.4...

8.7CVSS5.8AI score0.00021EPSS
Exploits0References5
OSV
OSVadded 2026/04/01 9:16 p.m.0 views

UBUNTU-CVE-2026-34513

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an unbounded DNS cache could result in excessive memory usage possibly resulting in a DoS situation. This issue has been patched in version 3.13.4...

7.5CVSS5.8AI score0.0002EPSS
Exploits0References5
OSV
OSVadded 2026/04/01 9:16 p.m.0 views

UBUNTU-CVE-2026-22815

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, insufficient restrictions in header/trailer handling could cause uncapped memory usage. This issue has been patched in version 3.13.4...

7.5CVSS5.7AI score0.0002EPSS
Exploits0References5
UbuntuCve
UbuntuCveadded 2026/04/01 9:16 p.m.1 views

CVE-2026-34517

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, for some multipart form fields, aiohttp read the entire field into memory before checking clientmaxsize. This issue has been patched in version 3.13.4...

6.9CVSS5.8AI score0.00019EPSS
Exploits0References4
OSV
OSVadded 2026/04/01 9:16 p.m.0 views

UBUNTU-CVE-2026-34516

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, a response with an excessive number of multipart headers may be allowed to use more memory than intended, potentially allowing a DoS vulnerability. This issue has been patched in version 3.13....

8.7CVSS5.7AI score0.0002EPSS
Exploits0References5
Debian CVE
Debian CVEadded 2026/04/01 8:28 p.m.4 views

CVE-2026-34525

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, multiple Host headers were allowed in aiohttp. This issue has been patched in version 3.13.4...

6.3CVSS5.2AI score0.00162EPSS
Exploits0
CVE
CVEadded 2026/04/01 8:28 p.m.7 views

CVE-2026-34525

AIOHTTP (async HTTP client/server for asyncio and Python) before version 3.13.4 allowed multiple Host headers due to its header handling. This issue has been fixed in version 3.13.4. Affected component: Host header processing in aiohttp prior to 3.13.4. Remediation: upgrade to 3.13.4 or later. Ex...

6.3CVSS5.8AI score0.00162EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/04/01 8:28 p.m.1 views

CVE-2026-34525

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, multiple Host headers were allowed in aiohttp. This issue has been patched in version 3.13.4...

6.3CVSS5.8AI score0.00162EPSS
Exploits0References5Affected Software1
AlpineLinux
AlpineLinuxadded 2026/04/01 8:28 p.m.3 views

CVE-2026-34525

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, multiple Host headers were allowed in aiohttp. This issue has been patched in version 3.13.4...

6.3CVSS5.4AI score0.00162EPSS
Exploits0
Cvelist
Cvelistadded 2026/04/01 8:27 p.m.17 views

CVE-2026-34520 AIOHTTP: C parser (llhttp) accepts null bytes and control characters in response header values - header injection / security bypass

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, the C parser the default for most installs accepted null bytes and control characters in response headers. This issue has been patched in version 3.13.4...

6.9CVSS0.00078EPSS
Exploits0References3
AlpineLinux
AlpineLinuxadded 2026/04/01 8:27 p.m.0 views

CVE-2026-34520

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, the C parser the default for most installs accepted null bytes and control characters in response headers. This issue has been patched in version 3.13.4...

9.1CVSS5.4AI score0.00078EPSS
Exploits0
Debian CVE
Debian CVEadded 2026/04/01 8:27 p.m.4 views

CVE-2026-34520

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, the C parser the default for most installs accepted null bytes and control characters in response headers. This issue has been patched in version 3.13.4...

9.1CVSS5.3AI score0.00078EPSS
Exploits0
Rows per page
Query Builder