Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9290 matches found

UbuntuCve
UbuntuCveadded 2026/02/11 7:15 p.m.14 views

CVE-2025-69873

ajv Another JSON Schema Validator before 8.18.0 is vulnerable to Regular Expression Denial of Service ReDoS when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax $data reference, which is passed directly to the JavaScript RegExp constructor without...

7.5CVSS6.9AI score0.00407EPSS
Exploits1References2
Ubuntu
Ubuntuadded 2026/02/11 5:5 p.m.6 views

USN-8027-1: Python-Multipart vulnerabilities

It was discovered that Python-Multipart incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Python-Multipart to consume excessive resources, leading to a regular expression denial of service. This issue only affected Ubuntu 22.04 LTS. CVE-2024-24762...

8.6CVSS6.2AI score0.01761EPSS
Exploits6
Snyk
Snykadded 2026/02/11 12:0 a.m.2 views

Regular Expression Denial of Service (ReDoS)

Overview ajv is an Another JSON Schema Validator Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS due to improper validation of the pattern keyword when combined with $data references. An attacker can cause the application to become unresponsive and...

8.2CVSS5.6AI score0.00407EPSS
Exploits1References2
Snyk
Snykadded 2026/02/11 12:0 a.m.3 views

Regular Expression Denial of Service (ReDoS)

Overview org.webjars.npm:ajv is an Another JSON Schema Validator Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS due to improper validation of the pattern keyword when combined with $data references. An attacker can cause the application to become...

8.2CVSS5.7AI score0.00407EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2026/02/11 12:0 a.m.4 views

CVE-2025-69873

ajv Another JSON Schema Validator before 8.18.0 is vulnerable to Regular Expression Denial of Service ReDoS when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax $data reference, which is passed directly to the JavaScript RegExp constructor without...

2.9CVSS6.1AI score0.00407EPSS
Exploits1References6
ATTACKERKB
ATTACKERKBadded 2026/02/11 12:0 a.m.8 views

CVE-2025-69873

ajv Another JSON Schema Validator before 8.18.0 is vulnerable to Regular Expression Denial of Service ReDoS when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax $data reference, which is passed directly to the JavaScript RegExp constructor without...

7.5CVSS6.1AI score0.00407EPSS
Exploits1References7Affected Software1
Positive Technologies
Positive Technologiesadded 2026/02/11 12:0 a.m.8 views

PT-2026-8025

Name of the Vulnerable Software and Affected Versions Milvus versions prior to 2.5.27 Milvus versions prior to 2.6.10 Description Milvus, an open-source vector database for generative AI applications, is affected by an issue that allows authentication bypasses. The software exposes TCP port 9091 ...

9.9CVSS5.6AI score0.27661EPSS
Exploits44References126
Debian CVE
Debian CVEadded 2026/02/11 12:0 a.m.4 views

CVE-2025-69873

ajv Another JSON Schema Validator before 8.18.0 is vulnerable to Regular Expression Denial of Service ReDoS when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax $data reference, which is passed directly to the JavaScript RegExp constructor without...

7.5CVSS6.4AI score0.00407EPSS
Exploits1
CVE
CVEadded 2026/02/10 9:21 p.m.11 views

CVE-2026-26006

AutoGPT (significant-gravitas/autogpt) before version 0.6.32 is vulnerable in the Code Extraction Block due to two adjacent quantifiers in regex patterns that can cause catastrophic backtracking with long sequences of spaces, leading to DoS. The fix is to upgrade to 0.6.32. If upgrading is not po...

6.5CVSS5.6AI score0.00473EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVEadded 2026/02/10 7:22 p.m.3 views

CVE-2026-25478

Litestar is an Asynchronous Server Gateway Interface ASGI framework. Prior to 2.20.0, CORSConfig.allowedoriginsregex is constructed using a regex built from configured allowlist values and used with fullmatch for validation. Because metacharacters are not escaped, a malicious origin can match...

7.4CVSS5.5AI score0.00383EPSS
Exploits1References1
OSV
OSVadded 2026/02/10 7:15 p.m.6 views

CVE-2026-1849

MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issue arises in recursive functions because the server does not periodically check the depth of the expression...

7.5CVSS5.9AI score
Exploits0References1
MongoDB
MongoDBadded 2026/02/10 6:52 p.m.11 views

Mongod can run out of stack memory when expressions create deeply nested documents

MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issue arises in recursive functions because the server does not periodically check the depth of the expression...

7.5CVSS5.5AI score0.00272EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2026/02/10 6:49 p.m.26 views

CVE-2026-1850

CVE-2026-1850: Complex queries can cause excessive memory usage in the MongoDB Query Planner, leading to an Out-Of-Memory crash. Affected component: MongoDB Query Planner. Root cause: excessive memory consumption from complex queries. Impact: availability high (per CVSS 4.0), with no confidential...

7.5CVSS5.4AI score0.00243EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologiesadded 2026/02/10 12:0 a.m.8 views

PT-2026-7472

Name of the Vulnerable Software and Affected Versions AutoGPT versions prior to 0.6.32 Description AutoGPT is a platform for creating, deploying, and managing continuous artificial intelligence agents that automate complex workflows. Versions of AutoGPT before 0.6.32 contain a Regular Expression...

6.5CVSS5.5AI score0.00473EPSS
Exploits1References10
CNNVD
CNNVDadded 2026/02/10 12:0 a.m.8 views

MongoDB Server 安全漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, a company based in the United States. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a security vulnerability in MongoDB Server, which ste...

7.5CVSS5.8AI score0.00272EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/02/10 12:0 a.m.4 views

libssh 安全漏洞

libssh is a C-language development package from the libssh organization that allows access to SSH services. It can execute remote commands, transfer files, and provide a secure transmission channel for remote programs. libssh has security vulnerabilities, which stem from inefficient regular...

5.5CVSS6.5AI score0.00223EPSS
Exploits0References5
Snyk
Snykadded 2026/02/09 7:56 p.m.4 views

Incorrect Regular Expression

Overview litestar is a Litestar - A production-ready, highly performant, extensible ASGI API Framework Affected versions of this package are vulnerable to Incorrect Regular Expression via the allowedhosts host validation. An attacker can gain unauthorized access by supplying a specially crafted...

6.5CVSS5.6AI score0.00316EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2026/02/09 6:46 p.m.3 views

CVE-2026-25478

Litestar is an Asynchronous Server Gateway Interface ASGI framework. Prior to 2.20.0, CORSConfig.allowedoriginsregex is constructed using a regex built from configured allowlist values and used with fullmatch for validation. Because metacharacters are not escaped, a malicious origin can match...

7.4CVSS5.5AI score0.00383EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichmentadded 2026/02/09 6:46 p.m.1 views

CVE-2026-25478 Litestar has a CORS origin allowlist bypass due to unescaped regex metacharacters in allowed origins

Litestar is an Asynchronous Server Gateway Interface ASGI framework. Prior to 2.20.0, CORSConfig.allowedoriginsregex is constructed using a regex built from configured allowlist values and used with fullmatch for validation. Because metacharacters are not escaped, a malicious origin can match...

7.4CVSS5.5AI score0.00383EPSS
Exploits1References4
CNNVD
CNNVDadded 2026/02/09 12:0 a.m.7 views

Litestar 安全漏洞

Litestar is a powerful, flexible, yet stubbornly opinionated ASGI framework developed by Litestar itself. Versions of Litestar prior to 2.20.0 contained security vulnerabilities, which stemmed from the lack of escaping regular expression metacharacters, potentially allowing malicious sources to...

7.4CVSS5.8AI score0.00383EPSS
Exploits1References5
Rows per page
Query Builder