Lucene search
K

11208 matches found

CVE
CVE
added yesterday5 views

CVE-2026-15163

CVE-2026-15163 concerns infinite loops in multiple Wireshark protocol dissectors, impacting Wireshark versions 4.6.0–4.6.6 and 4.4.0–4.4.16. The root cause is described as a loop with an unreachable exit condition, leading to a denial of service (DoS). The CVSS score is 5.5 (Medium) with LOCAL at...

5.5CVSS5.9AI score
Exploits0References5
CVE
CVE
added yesterday5 views

CVE-2026-59936

Technical details about CVE-2026-59936 are not publicly available in the provided documents. Monitor for updates from official advisories to learn affected versions, impact, and fixes.

8.7CVSS6AI score
Exploits0References4
CVE
CVE
added yesterday4 views

CVE-2026-59935

The CVE affects the Python PDF library pypdf prior to 6.14.2, where a crafted PDF page content stream with an inline image not terminated and using ASCII85/ASCIIHex filters can cause an infinite loop during parsing (e.g., text extraction). This may impact availability (as per CVSS) with no confid...

8.7CVSS6AI score
Exploits0References4
NVD
NVD
added yesterday8 views

CVE-2026-59877

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.6.5 and 8.6.6, protobufjs parsed option names by advancing through schema tokens until reaching an = token without checking for end of input, so a crafted .proto schema that opens an option declaration and ends...

5.3CVSS
Exploits0References6
CVE
CVE
added yesterday6 views

CVE-2026-59877

CVE-2026-59877 affects protobufjs versions prior to 7.6.5 and 8.6.6, where parsing of .proto option declarations can loop indefinitely when the input ends prematurely. The issue occurs during the parsing of option names and may affect Root.load and Root.loadSync, potentially causing a Denial of S...

5.3CVSS6AI score
Exploits0References6
EUVD
EUVD
added yesterday3 views

EUVD-2026-42310

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.6.5 and 8.6.6, protobufjs parsed option names by advancing through schema tokens until reaching an = token without checking for end of input, so a crafted .proto schema that opens an option declaration and ends...

5.3CVSS6AI score
Exploits0References6
CVE
CVE
added yesterday5 views

CVE-2026-59874

node-tar is a Node.js tar archive library. Prior to 7.5.18, tar.replace accepts a checksum-valid tar header with a negative base-256 encoded entry size, causing the archive scanner to loop on the same header and make no progress; this is fixed in version 7.5.18. Upgrade to 7.5.18 to remediate. Th...

8.7CVSS5.9AI score
Exploits0References3
Cvelist
Cvelist
added yesterday5 views

CVE-2026-59874 node-tar: Negative tar entry size causes infinite loop in archive replace

node-tar is a tar archive manipulation library for Node.js. Prior to 7.5.18, tar.replace accepts a checksum-valid tar header with a negative base-256 encoded entry size, causing the archive scanner to make no progress while repeatedly parsing the same header. This issue is fixed in version 7.5.18...

8.7CVSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 5 days ago4 views

Security Bulletin: Due to the use of Google Go, IBM Cloud Pak Sys is affected by an infinite loop when unmarshaling certain forms of invalid JSON

Summary Vulnerability in Go used by Cloud Pak System CVE-2024-24786. Vulnerability Details CVEID:CVE-2024-24786 DESCRIPTION: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which...

7.5CVSS6.7AI score0.01262EPSS
Exploits0Affected Software2
RedhatCVE
RedhatCVE
added 6 days ago5 views

CVE-2026-54886

A flaw was found in the Erlang OTP ssh Secure Shell component, specifically within its SFTP SSH File Transfer Protocol module. An authenticated SFTP user can exploit this vulnerability by sending specially crafted extended data on an open channel. This action triggers an infinite loop in the...

6.5CVSS5.9AI score0.0033EPSS
Exploits0References8
Snyk
Snyk
added 6 days ago5 views

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop in the udpreceive process. An attacker can cause the client to enter a busy-loop and become unresponsive by continuously sending zero-length UDP datagrams from a malicious HTTP/3 server. Remediation Upgrade libcurl to...

8.7CVSS6.2AI score0.00756EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 6 days ago3 views

Dhcpcd: dhcpcd infinite loop and out-of-bounds read via zero-length ipv6 nd option in router advertisement handling

...

6.5CVSS5.9AI score0.00248EPSS
Exploits0
OSV
OSV
added 6 days ago3 views

UBUNTU-CVE-2026-54886

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to render an SFTP channel permanently unresponsive. The handledata/4 function in sshsftpd contains a catch-all clause that accepts channel data of any type. When...

5.3CVSS6.1AI score0.0033EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 6 days ago4 views

Linux Distros Unpatched Vulnerability : CVE-2026-54886

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to render an SFTP channel...

5.3CVSS6.1AI score0.0033EPSS
Exploits0References3
NVD
NVD
added last week8 views

CVE-2026-54886

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to render an SFTP channel permanently unresponsive. The handledata/4 function in sshsftpd contains a catch-all clause that accepts channel data of any type. When...

5.3CVSS0.0033EPSS
Exploits0References5
EUVD
EUVD
added last week7 views

EUVD-2026-41413

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to render an SFTP channel permanently unresponsive. The handledata/4 function in sshsftpd contains a catch-all clause that accepts channel data of any type. When...

5.3CVSS6AI score0.0033EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added last week12 views

CVE-2026-54886 SSH SFTP server denial of service via extended channel data infinite loop

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to render an SFTP channel permanently unresponsive. The handledata/4 function in sshsftpd contains a catch-all clause that accepts channel data of any type. When...

5.3CVSS6AI score0.0033EPSS
Exploits0References5
OSV
OSV
added last week3 views

EEF-CVE-2026-54886 SSH SFTP server denial of service via extended channel data infinite loop

Summary Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Erlang OTP ssh ssh\sftpd module allows an authenticated SFTP user to render an SFTP channel permanently unresponsive. The handle\data/4 function in ssh\sftpd contains a catch-all clause that accepts channel data of any...

5.3CVSS6AI score0.0033EPSS
Exploits0References4
Debian CVE
Debian CVE
added last week5 views

CVE-2026-54886

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to render an SFTP channel permanently unresponsive. The handledata/4 function in sshsftpd contains a catch-all clause that accepts channel data of any type. When...

5.3CVSS6AI score0.0033EPSS
Exploits0
CVE
CVE
added last week13 views

CVE-2026-54886

The vulnerability CVE-2026-54886 affects Erlang/OTP's SSH server side (ssh_sftpd) and allows an authenticated SFTP client to trigger an infinite loop on a channel by sending SSH_MSG_CHANNEL_EXTENDED_DATA. The handle_data/4 clause tail-calls itself when a non-zero data_type_code arrives with an em...

5.3CVSS6AI score0.0033EPSS
Exploits0References5Affected Software2
Rows per page
Query Builder