CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

249 matches found

CVE-2026-10298 ggml-org whisper.cpp ggml.c whisper_model_load null pointer dereference

A security flaw has been discovered in ggml-org whisper.cpp up to 1.8.2. This vulnerability affects the function whispermodelload of the file ggml/src/ggml.c. The manipulation results in null pointer dereference. Attacking locally is a requirement. The exploit has been released to the public and...

4.8CVSS5.4AI score0.00013EPSS

Exploits0References6

RedhatCVE•added 3 days ago•5 views

CVE-2026-46527

A flaw was found in cpp-httplib, a C++ HTTP/HTTPS library. When a server using cpp-httplib has configured trusted proxies, a remote attacker can send a specially crafted HTTP request with a malformed X-Forwarded-For header. This can lead to undefined behavior, resulting in abnormal process...

8.7CVSS5.8AI score0.00046EPSS

Exploits1References2

Tenable Nessus•added 5 days ago•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-45372

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, when cpp-httplib's server parses an incoming request, it...

9.9CVSS5.7AI score0.00043EPSS

Exploits1References3

OSV•added 6 days ago•4 views

UBUNTU-CVE-2026-46527

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, When the server has called Server::settrustedproxies with a non-empty trusted-proxy list, an attacker can send an HTTP request that includes an X-Forwarded-For header whose value parses to no valid ...

8.7CVSS5.7AI score0.00046EPSS

Exploits1References3

Cvelist•added 6 days ago•27 views

CVE-2026-45372 cpp-httplib: HTTP header value percent-decoding in server-side `parse_header` enables CRLF injection

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, when cpp-httplib's server parses an incoming request, it applies percent-decoding to every header value except Location and Referer. The validity check isfieldvalue is run before decoding, so encode...

9.9CVSS0.00043EPSS

Exploits1References1

EUVD•added 6 days ago•7 views

EUVD-2026-33425

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.43.4, negative chunk-size in chunked Transfer-Encoding causes unbounded memory allocation and process crash. The ChunkedDecoder::readpayload function in cpp-httplib httplib.h parses the chunk-size field o...

5.3CVSS5.7AI score0.0008EPSS

Exploits1References1

CNNVD•added 6 days ago•4 views

cpp-httplib 环境问题漏洞

cpp-httplib is a C++ library developed by Yhirose, which includes HTTP/HTTPS server and client components. Versions of cpp-httplib prior to 0.44.0 contained an environmental issue vulnerability. This vulnerability stemmed from the server’s request parsing process, where percent signs were decoded...

9.9CVSS5.8AI score0.00043EPSS

Exploits1References1

Packet Storm News•added 2026/05/27 12:0 a.m.•9 views

Joern 4.0.548

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.9AI score

Exploits0

Packet Storm News•added 2026/05/22 12:0 a.m.•6 views

Joern 4.0.546

5.9AI score

Exploits0

Packet Storm News•added 2026/05/22 12:0 a.m.•8 views

An Empirical Evaluation of LLM-Generated Code Security across Prompting Methods

The growing use of Large Language Models LLMs for automated code generation has enhanced software development efficiency, but often at the cost of security. Generated code frequently overlooks critical concerns, leaving it vulnerable to issues such as weak encryption and improper input validation...

5.9AI score

Exploits0

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в binutils

A issue was discovered in cp-demangle.c within GNU libiberty, as part of the GNU Binutils 2.31 package. This issue involves stack exhaustion during the C++ demangling functions provided by libiberty. There is also a stack consumption problem caused by recursive stack frames: cplusdemangletype,...

5.5CVSS6.8AI score0.00177EPSS

Exploits1References2

Packet Storm News•added 2026/05/19 12:0 a.m.•7 views

Joern 4.0.542

5.9AI score

Exploits0

Packet Storm News•added 2026/05/18 12:0 a.m.•8 views

Joern 4.0.540

5.9AI score

Exploits0

Packet Storm News•added 2026/05/13 12:0 a.m.•5 views

Joern 4.0.538

5.9AI score

Exploits0

Packet Storm News•added 2026/05/12 12:0 a.m.•10 views

Joern 4.0.537

5.9AI score

Exploits0

Packet Storm News•added 2026/05/08 12:0 a.m.•4 views

Joern 4.0.536

5.9AI score

Exploits0

Packet Storm News•added 2026/05/06 12:0 a.m.•0 views

Joern 4.0.534

5.9AI score

Exploits0

Packet Storm News•added 2026/05/05 12:0 a.m.•4 views

Joern 4.0.533

5.9AI score

Exploits0

Packet Storm News•added 2026/05/04 12:0 a.m.•2 views

Joern 4.0.532

5.9AI score

Exploits0

Fedora•added 2026/04/30 1:21 a.m.•3 views

[SECURITY] Fedora 43 Update: binaryen-126-1.fc43

Binaryen is a compiler and toolchain infrastructure library for WebAssembly, written in C++. It aims to make compiling to WebAssembly easy, fast, and effective: Easy: Binaryen has a simple C API in a single header, and can also be used from JavaScript. It accepts input in WebAssembly-like form bu...

7.1CVSS5.5AI score0.0003EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by