CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

261 matches found

OSV•added 2026/06/12 4:16 p.m.•3 views

UBUNTU-CVE-2026-44967

OpenTelemetry-cpp is the C++ implementation of OpenTelemetry. Prior to release 1.27.0, the OTLP HTTP exporters traces/metrics/logs read the full HTTP response into an in-memory vector of bytes without a size cap. This is exploitable for memory exhaustion when the configured collector endpoint is...

5.3CVSS5.4AI score0.00206EPSS

Exploits0References6

Debian CVE•added 2026/06/12 2:52 p.m.•7 views

CVE-2026-44967

5.3CVSS5.3AI score0.00206EPSS

Exploits0

Packet Storm News•added 2026/06/11 12:0 a.m.•5 views

Joern 4.0.556

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.3AI score

Exploits0

CNNVD•added 2026/06/04 12:0 a.m.•3 views

SAMSUNG rLottie 安全漏洞

SAMSUNG rLottie is a platform-independent C++ library developed by Samsung Electronics of South Korea. It is used for real-time rendering of vector-based animations and art. A previous version of SAMSUNG rLottie, eae37633fda13ac05b25c6c95aacea4bc33c80a3, contained security vulnerabilities. These...

6.1CVSS5.3AI score0.00104EPSS

Exploits0References2

Packet Storm News•added 2026/06/04 12:0 a.m.•4 views

Joern 4.0.554

5.9AI score

Exploits0

Vulnrichment•added 2026/06/01 10:30 p.m.•7 views

CVE-2026-10298 ggml-org whisper.cpp ggml.c whisper_model_load null pointer dereference

A security flaw has been discovered in ggml-org whisper.cpp up to 1.8.2. This vulnerability affects the function whispermodelload of the file ggml/src/ggml.c. The manipulation results in null pointer dereference. Attacking locally is a requirement. The exploit has been released to the public and...

4.8CVSS5.4AI score0.00153EPSS

Exploits0References6

RedhatCVE•added 2026/06/01 1:19 p.m.•7 views

CVE-2026-46527

A flaw was found in cpp-httplib, a C++ HTTP/HTTPS library. When a server using cpp-httplib has configured trusted proxies, a remote attacker can send a specially crafted HTTP request with a malformed X-Forwarded-For header. This can lead to undefined behavior, resulting in abnormal process...

8.7CVSS5.8AI score0.00283EPSS

Exploits1References2

Tenable Nessus•added 2026/05/30 12:0 a.m.•10 views

Linux Distros Unpatched Vulnerability : CVE-2026-45372

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, when cpp-httplib's server parses an incoming request, it...

9.9CVSS5.2AI score0.00254EPSS

Exploits1References3

OSV•added 2026/05/29 8:16 p.m.•8 views

UBUNTU-CVE-2026-46527

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, When the server has called Server::settrustedproxies with a non-empty trusted-proxy list, an attacker can send an HTTP request that includes an X-Forwarded-For header whose value parses to no valid ...

8.7CVSS5.7AI score0.00283EPSS

Exploits1References3

Cvelist•added 2026/05/29 7:21 p.m.•35 views

CVE-2026-45372 cpp-httplib: HTTP header value percent-decoding in server-side `parse_header` enables CRLF injection

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, when cpp-httplib's server parses an incoming request, it applies percent-decoding to every header value except Location and Referer. The validity check isfieldvalue is run before decoding, so encode...

9.9CVSS0.00254EPSS

Exploits1References1

EUVD•added 2026/05/29 7:14 p.m.•11 views

EUVD-2026-33425

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.43.4, negative chunk-size in chunked Transfer-Encoding causes unbounded memory allocation and process crash. The ChunkedDecoder::readpayload function in cpp-httplib httplib.h parses the chunk-size field o...

5.3CVSS5.7AI score0.00283EPSS

Exploits1References1

CNNVD•added 2026/05/29 12:0 a.m.•11 views

cpp-httplib 环境问题漏洞

cpp-httplib is a C++ library developed by Yhirose, which includes HTTP/HTTPS server and client components. Versions of cpp-httplib prior to 0.44.0 contained an environmental issue vulnerability. This vulnerability stemmed from the server’s request parsing process, where percent signs were decoded...

9.9CVSS5.8AI score0.00254EPSS

Exploits1References1

Packet Storm News•added 2026/05/27 12:0 a.m.•10 views

Joern 4.0.548

5.9AI score

Exploits0

Packet Storm News•added 2026/05/22 12:0 a.m.•8 views

Joern 4.0.546

5.9AI score

Exploits0

Packet Storm News•added 2026/05/22 12:0 a.m.•9 views

An Empirical Evaluation of LLM-Generated Code Security across Prompting Methods

The growing use of Large Language Models LLMs for automated code generation has enhanced software development efficiency, but often at the cost of security. Generated code frequently overlooks critical concerns, leaving it vulnerable to issues such as weak encryption and improper input validation...

5.9AI score

Exploits0

Packet Storm News•added 2026/05/19 12:0 a.m.•17 views

Joern 4.0.542

5.9AI score

Exploits0

Packet Storm News•added 2026/05/18 12:0 a.m.•9 views

Joern 4.0.540

5.9AI score

Exploits0

Packet Storm News•added 2026/05/13 12:0 a.m.•9 views

Joern 4.0.538