Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSV
OSVadded 2026/06/10 2:35 p.m.7 views

EEF-CVE-2026-49760 Stack Buffer Overflow in ei_s_print_term at Very Large Integer

Summary Stack-based Buffer Overflow vulnerability in Erlang OTP erl\interface allows Stack-based Buffer Overflow. This vulnerability is associated with program file lib/erl\interface/src/misc/ei\printterm.c and program routine ei\s\print\term. The C function ei\s\print\term uses an internal...

6.9CVSS5.7AI score0.00138EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/06/06 6:43 p.m.7 views

CVE-2026-42790

Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeycert and publickey modules allows a DNS nameConstraints bypass via subject CommonName fallback in TLS hostname verification. Two flaws combine to allow a subordinate CA whose DNS nameConstraints are restricted e.g...

8.1CVSS5.5AI score0.00235EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/04/21 12:1 p.m.3 views

CVE-2026-32147

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to modify file attributes outside the configured chroot directory. The SFTP daemon sshsftpd stores the raw, user-supplied path in file...

5.3CVSS5.8AI score0.00354EPSS
Exploits0References6Affected Software1
OSV
OSVadded 2026/04/07 9:16 a.m.2 views

DEBIAN-CVE-2026-28810

Generation of Predictable Numbers or Identifiers vulnerability in Erlang/OTP kernel inetres, inetdb modules allows DNS Cache Poisoning. The built-in DNS resolver inetres uses a sequential, process-global 16-bit transaction ID for UDP queries and does not implement source port randomization...

3.7CVSS5.4AI score0.00269EPSS
Exploits0References1
Debian CVE
Debian CVEadded 2026/04/07 7:50 a.m.2 views

CVE-2026-28810

Generation of Predictable Numbers or Identifiers vulnerability in Erlang/OTP kernel inetres, inetdb modules allows DNS Cache Poisoning. The built-in DNS resolver inetres uses a sequential, process-global 16-bit transaction ID for UDP queries and does not implement source port randomization...

6.3CVSS5.4AI score0.00269EPSS
Exploits0
Positive Technologies
Positive Technologiesadded 2026/02/20 12:0 a.m.5 views

PT-2026-21008

Name of the Vulnerable Software and Affected Versions erlang otp versions 1.0 through 6.9 erlang otp version 17.0 erlang otp versions prior to 7.0 Description The software contains a Relative Path Traversal and Improper Isolation or Compartmentalization issue. The issue is associated with program...

2.3CVSS5.2AI score0.00461EPSS
Exploits0References47
CNNVD
CNNVDadded 2025/03/28 12:0 a.m.2 views

Erlang/OTP 安全漏洞

Erlang/OTP is an Erlang/OTP open source library written in JavaScript that handles handling exceptions. The library can catch exceptions raised by the node.js built-in API. A security vulnerability exists in Erlang/OTP versions prior to OTP-27.3.1, prior to OTP-26.2.5.10, and prior to...

7.5CVSS7.5AI score0.00402EPSS
Exploits0References2
Rows per page
Query Builder