Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

69 matches found

EUVD
EUVDadded 3 days ago4 views

EUVD-2026-39345

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

4.3CVSS5.9AI score0.00479EPSS
Exploits0References1
CVE
CVEadded 3 days ago7 views

CVE-2026-42005

CVE-2026-42005 describes a vulnerability where an attacker can send a web request that triggers unlimited memory allocation in the internal web server, causing denial of service. The affected component is the internal web server; root cause is uncontrolled memory growth when processing requests. ...

4.3CVSS5.9AI score0.00479EPSS
Exploits0References1
Cvelist
Cvelistadded 3 days ago29 views

CVE-2026-42005 Insufficient input validation of internal web server

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

4.3CVSS0.00479EPSS
Exploits0References1
OSV
OSVadded 2026/06/12 10:52 p.m.8 views

GHSA-8C9Q-7855-WFXQ File Browser has a Command Execution Allowlist Bypass via Shell Metacharacter Injection

!NOTE This feature has been disabled by default for all installations from v2.33.8 onwards, including for existent installations. To exploit this vulnerability, the instance administrator must turn on a feature and ignore all the warnings about known vulnerabilities. We're publishing this new...

8.7CVSS6.1AI score0.00323EPSS
Exploits0References3
Drupal
Drupaladded 2026/06/03 12:0 a.m.13 views

Commerce Core - Moderately critical - Cross site scripting - SA-CONTRIB-2026-041

The module doesn't sufficiently sanitize customer comments in the order receipt email template; this could be exploited to achieve Cross-site Scripting XSS. This vulnerability is mitigated by the fact that it only affects installations with Checkout commercecheckout enabled, and the "Comments"...

5.8AI score
Exploits0References2
Snyk
Snykadded 2026/05/17 1:36 p.m.5 views

Incorrect Privilege Assignment

Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment in the pre-auth logic that enables an attacker to activate the default-disabled POJO import feature. The attacker can then upload and import a malicious Java POJO leading to execution of arbitrary code by...

8.8CVSS6.1AI score0.0031EPSS
Exploits0References2
SUSE CVE
SUSE CVEadded 2026/04/23 1:24 a.m.4 views

SUSE CVE-2026-33260

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

5.3CVSS5.7AI score0.00524EPSS
Exploits0References3
NVD
NVDadded 2026/04/22 2:16 p.m.10 views

CVE-2026-33254

An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DOQ and DoH3 are disabled by default...

7.5CVSS0.00371EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/04/22 1:45 p.m.5 views

CVE-2026-33254 Resource exhaustion via DoQ/DoH3 connections

An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DOQ and DoH3 are disabled by default...

5.3CVSS5.8AI score0.00371EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/04/22 1:45 p.m.26 views

CVE-2026-33254 Resource exhaustion via DoQ/DoH3 connections

An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DOQ and DoH3 are disabled by default...

5.3CVSS0.00371EPSS
Exploits0References1
CVE
CVEadded 2026/04/22 1:45 p.m.17 views

CVE-2026-33254

CVE-2026-33254 affects PowerDNS DNSdist. An attacker can open a large number of concurrent DoQ/DoH3 connections, causing unbounded memory allocation and denial of service. DoQ/DoH3 are disabled by default, which mitigates impact per the sources; no patch/version details are provided in the docume...

7.5CVSS5.8AI score0.00371EPSS
Exploits0References1Affected Software1
AlpineLinux
AlpineLinuxadded 2026/04/22 1:45 p.m.2 views

CVE-2026-33254

An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DOQ and DoH3 are disabled by default...

7.5CVSS5.7AI score0.00371EPSS
Exploits0
EUVD
EUVDadded 2026/04/22 12:30 p.m.3 views

EUVD-2026-24725

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

5.3CVSS5.8AI score0.00524EPSS
Exploits0References4
EUVD
EUVDadded 2026/04/22 12:30 p.m.7 views

EUVD-2026-24720

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

5.3CVSS5.8AI score0.00514EPSS
Exploits0References4
NVD
NVDadded 2026/04/22 10:16 a.m.6 views

CVE-2026-33256

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

7.5CVSS0.00606EPSS
Exploits0References1
NVD
NVDadded 2026/04/22 10:16 a.m.7 views

CVE-2026-33257

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

7.5CVSS0.00514EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/04/22 9:39 a.m.6 views

CVE-2026-33260 Insufficient input validation of internal webserver

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

5.3CVSS5.8AI score0.00524EPSS
Exploits0References3
AlpineLinux
AlpineLinuxadded 2026/04/22 9:39 a.m.5 views

CVE-2026-33260

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

7.5CVSS5.8AI score0.00524EPSS
Exploits0
Vulnrichment
Vulnrichmentadded 2026/04/22 9:37 a.m.3 views

CVE-2026-33257 Insufficient input validation of internal webserver

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

5.3CVSS5.8AI score0.00514EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/04/22 9:37 a.m.29 views

CVE-2026-33256 Unbounded memory allocation by internal web server

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

5.3CVSS0.00606EPSS
Exploits0References1
Rows per page
Query Builder