56 matches found
CVE-2026-9602
Mattermost Desktop App versions =6.2 6.0.2 5.6.13.0 fail to validate payloads sent from the Mattermost Web App to the Desktop App which allows a malicious server owner to crash the Mattermost Desktop App via changing the payload of a method to a malformed one. Mattermost Advisory ID: MMSA-2026-00...
EUVD-2026-45156
Mattermost Desktop App versions =6.2 6.0.2 5.6.13.0 fail to validate payloads sent from the Mattermost Web App to the Desktop App which allows a malicious server owner to crash the Mattermost Desktop App via changing the payload of a method to a malformed one. Mattermost Advisory ID: MMSA-2026-00...
CVE-2026-45678 OpenTelemetry eBPF Instrumentation: Postgres BIND parsing can panic on malformed payloads
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Postgres protocol parser assumes BIND message payloads contain a valid NUL-terminated portal name. A crafted empty or unterminated payload can make OBI slice beyond th...
CVE-2026-45678 OpenTelemetry eBPF Instrumentation: Postgres BIND parsing can panic on malformed payloads
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Postgres protocol parser assumes BIND message payloads contain a valid NUL-terminated portal name. A crafted empty or unterminated payload can make OBI slice beyond th...
EUVD-2018-21948
WinMTR 0.91 contains a denial of service vulnerability that allows attackers to crash the application by sending a malformed payload file containing a large buffer of repeated characters. Attackers can create a specially crafted input file with 238 bytes of data to trigger a buffer overflow...
GHSA-PGVV-Q3WF-MM9M OpenTelemetry eBPF Instrumentation: Postgres BIND parsing can panic on malformed payloads
Summary The Postgres protocol parser assumes BIND message payloads contain a valid NUL-terminated portal name. A crafted empty or unterminated payload can make OBI slice beyond the end of the captured buffer and panic. Details The vulnerable logic is in pkg/ebpf/common/sqldetectpostgres.go. In th...
Improper Check for Unusual or Exceptional Conditions
Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions through the BIND message parsing process. An attacker can cause the application to crash by sending a malformed or empty Postgres BIND payload that lacks a valid NUL-terminated portal...
CVE-2026-32952 go-ntlmssp NTLM challenges can panic on malformed payloads
go-ntlmssp is a Go package that provides NTLM/Negotiate authentication over HTTP. Prior to version 0.1.1, a malicious NTLM challenge message can causes an slice out of bounds panic, which can crash any Go process using ntlmssp.Negotiator as an HTTP transport. Version 0.1.1 patches the issue...
CVE-2026-32952
CVE-2026-32952 affects the Go package go-ntlmssp. Before version 0.1.1, a malformed NTLM challenge message can trigger a slice-out-of-bounds panic in ntlmssp.Negotiator when used as an HTTP transport, potentially crashing the Go process. The issue is fixed in version 0.1.1. Affected components ar...
Cosign's verify-blob-attestation reports false positive when payload parsing fails
Description cosign verify-blob-attestation may erroneously report a "Verified OK" result for attestations with malformed payloads or mismatched predicate types. For old-format bundles and detached signatures, this was due to a logic flaw in the error handling of the predicate type validation. For...
CVE-2026-39395 Cosign's verify-blob-attestation reports false positive when payload parsing fails
Cosign provides code signing and transparency for containers and binaries. Prior to 3.0.6 and 2.6.3, cosign verify-blob-attestation may erroneously report a "Verified OK" result for attestations with malformed payloads or mismatched predicate types. For old-format bundles and detached signatures,...
CVE-2026-30867
CocoaMQTT is a MQTT 5.0 client library for iOS and macOS written in Swift. Prior to version 2.2.2, a vulnerability exists in the packet parsing logic of CocoaMQTT that allows an attacker or a compromised/malicious MQTT broker to remotely crash the host iOS/macOS/tvOS application. If an attacker...
CVE-2026-30867
CocoaMQTT is a MQTT 5.0 client library for iOS and macOS written in Swift. Prior to version 2.2.2, a vulnerability exists in the packet parsing logic of CocoaMQTT that allows an attacker or a compromised/malicious MQTT broker to remotely crash the host iOS/macOS/tvOS application. If an attacker...
CVE-2026-30867 CocoaMQTT: Denial of Service via Reachable Assertion in `PUBLISH` Packet Parsing
CocoaMQTT is a MQTT 5.0 client library for iOS and macOS written in Swift. Prior to version 2.2.2, a vulnerability exists in the packet parsing logic of CocoaMQTT that allows an attacker or a compromised/malicious MQTT broker to remotely crash the host iOS/macOS/tvOS application. If an attacker...
CVE-2026-30867 CocoaMQTT: Denial of Service via Reachable Assertion in `PUBLISH` Packet Parsing
CocoaMQTT is a MQTT 5.0 client library for iOS and macOS written in Swift. Prior to version 2.2.2, a vulnerability exists in the packet parsing logic of CocoaMQTT that allows an attacker or a compromised/malicious MQTT broker to remotely crash the host iOS/macOS/tvOS application. If an attacker...
PT-2026-29743
Name of the Vulnerable Software and Affected Versions CocoaMQTT versions prior to 2.2.2 Description A flaw exists in the packet parsing logic of CocoaMQTT that allows a remote attacker, or a compromised MQTT broker, to crash iOS/macOS/tvOS applications. Publishing a 4-byte malformed payload to a...
CVE-2026-33064
Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. Versions prior to 1.4.2 are vulnerable to procedure panic caused by Nil Pointer Dereference in the /sdm-subscriptions endpoint. A remote attacker can cause the UDM service to panic and crash by sending ...
GHSA-7G27-V5WJ-JR75 free5GC UDM DataChangeNotification Procedure Panic Due to Nil Pointer Dereference
Impact This is a NULL Pointer Dereference vulnerability leading to Denial of Service. - Security Impact: A remote attacker can cause the UDM service to panic and crash by sending a crafted POST request to the /sdm-subscriptions endpoint with a malformed URL path containing path traversal sequence...
CVE-2026-26934
Improper Validation of Specified Quantity in Input CWE-1284 in Kibana can allow an authenticated attacker with view-only privileges to cause a Denial of Service via Input Data Manipulation CAPEC-153. An attacker can send a specially crafted, malformed payload causing excessive resource consumptio...
PT-2026-22163
Name of the Vulnerable Software and Affected Versions Kibana affected versions not specified Description An attacker with view-only privileges can cause a Denial of Service through Input Data Manipulation. A specially crafted payload can lead to excessive resource consumption, potentially making...