Lucene search
K

5 matches found

Cvelist
Cvelist
added 2026/05/13 6:23 p.m.37 views

CVE-2026-44248 Netty: Resource exhaustion in MqttDecoder

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, the MQTT 5 header Properties section is parsed and buffered before any message size limit is applied. Specifically, in MqttDecoder, the decodeVariableHeader method is called before the...

5.3CVSS0.00455EPSS
Exploits0References1
Wolfi
Wolfi
added 2026/05/08 1:48 p.m.16 views

CVE-2026-44248 vulnerabilities

Vulnerabilities for packages: thingsboard, management-api-for-apache-cassandra-5.0, trino, apache-activemq-artemis, druid, tez, celeborn...

7.5CVSS6.6AI score0.00455EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/07 5:14 a.m.8 views

ai.chronon:service_2.11 (>=0.0.86 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91), ai.chronon:service_2.12 (>=0.0.86 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91) +2588 more potentially affected by CVE-2026-44248 via io.netty:netty-codec-mqtt (>=4.1.100.Final <=4.1.132.Final)

io.netty:netty-codec-mqtt MAVEN version =4.1.100.Final, =0.0.86, =0.0.86, =0.0.86, =3.30.1.1, =3.10.0.5, =0.2.3.5, =0.0.1, =2.0.24, =1.1.9, =0.0.1, =0.0.9 and more Source cves: CVE-2026-44248 Source advisory: OSV:GHSA-JFG9-48MV-9QGX...

7.5CVSS6.5AI score0.00455EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/07 5:14 a.m.11 views

ai.spice:spiceai (=0.6.0), cn.isqing.icloud:icloud-common-utils (>=4.0.3-M1 <=4.0.3.1) +388 more potentially affected by CVE-2026-44248 via io.netty:netty-codec-mqtt (>=4.2.0.Alpha1 <=4.2.12.Final)

io.netty:netty-codec-mqtt MAVEN version =4.2.0.Alpha1, =4.0.3-M1, =1.21.9, =3.4.7, =25.4.1, =26.2.1, =7.9.0, =5.1.0, =5.1.0, =6.80, =0.2.2, =0.2.4 and more Source cves: CVE-2026-44248 Source advisory: OSV:GHSA-JFG9-48MV-9QGX...

7.5CVSS6.5AI score0.00455EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/07 5:14 a.m.9 views

ai.chronon:service_2.11 (>=0.0.86 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91), ai.chronon:service_2.12 (>=0.0.86 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91) +2588 more potentially affected by CVE-2026-44248 via io.netty:netty-codec-mqtt (>=4.1.100.Final <=4.1.132.Final)

io.netty:netty-codec-mqtt MAVEN version =4.1.100.Final, =0.0.86, =0.0.86, =0.0.86, =3.30.1.1, =3.10.0.5, =0.2.3.5, =0.0.1, =2.0.24, =1.1.9, =0.0.1, =0.0.9 and more Source cves: CVE-2026-44248 Source advisory: SNYK:JAVA-IONETTY-16439015...

7.5CVSS6.5AI score0.00455EPSS
Exploits0
Rows per page
Query Builder