132 matches found
CVE-2026-59928
A flaw was found in Mistune, a Python Markdown parser. A remote attacker could exploit this vulnerability by providing a specially crafted Markdown document containing numerous repeated or distinct reference-link definitions. This can lead to excessive processing, causing CPU exhaustion and a...
CVE-2026-56669
Elysia (a TypeScript framework for request validation, type inference, OpenAPI docs, and client-server communication) contains a vulnerability (CVE-2026-56669) caused by using getAll in form data normalization for multipart/form-data endpoints prior to 1.4.29. This leads to quadratic growth in wo...
ImageMagick: ImageMagick: Denial of Service via crafted MIFF file
A flaw was found in ImageMagick. A remote attacker could provide a specially crafted MIFF Magick Image File Format file, which, due to a missing check in the MIFF decoder, would lead to an infinite loop. This vulnerability results in CPU exhaustion, causing a Denial of Service DoS for the affecte...
CVE-2026-55199
A vulnerability in libssh2 allows a malicious SSH server to freeze connected clients during the handshake process. By sending a malformed packet, the server triggers a loop that exhausts the client's CPU, resulting in a denial of service. Mitigation To mitigate this issue, ensure your libssh2...
CVE-2026-53539
Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, when parsing application/x-www-form-urlencoded bodies, QuerystringParser located the field separator with a two step lookup: it first scanned the entire remaining buffer for &, and only when no & existed anywhere ahead...
Linux Distros Unpatched Vulnerability : CVE-2026-55199
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSHMSGEXTINFO handler in src/packet.c that...
Concurrent Ruby - `AtomicReference#update` livelocks when the stored value is `Float::NAN`
Summary Concurrent::AtomicReferenceupdate can enter a permanent busy retry loop when the current value is Float::NAN. The issue is caused by the interaction between: - AtomicReferenceupdate, which retries until compareandsetoldvalue, newvalue succeeds. - Numeric compareandset, which checks old ==...
Denial Of Service (DoS)
markdown-it is vulnerable to Denial of Service DoS. The vulnerability is due to quadratic-time processing in the smartquotes rule when typographer: true is enabled, which allows an attacker to supply specially crafted markdown containing consecutive quotation marks and consume excessive CPU...
RUSTSEC-2026-0179 Unbounded SCRAM iteration count allows a malicious server to cause CPU-exhaustion denial of service
A malicious, compromised, or man-in-the-middle server can supply an arbitrarily large SCRAM-SHA-256 PBKDF2 iteration count during authentication. The client runs it inline with no upper bound, pinning a tokio worker thread for minutes per connection, possibly stalling the whole async runtime...
EUVD-2026-36162
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in the MIFF decoder, a crafted file could cause an infinite loop resulting in CPU exhaustion. Versions 7.1.2.23 and 6.9.13-48 fix the iss...
CVE-2026-46522
CVE-2026-46522 : ImageMagick’s MIFF decoder contains a missing input-length check in ReadMIFFImage, causing an infinite loop that can exhaust CPU. This affects pre-fix releases prior to 7.1.2.23 and 6.9.13-48. The issue’s impact is CPU exhaustion (availability) as described in multiple advisories...
CVE-2026-39820
Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...
CVE-2026-40863
PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to 1.30.4, 2.1.16, 2.4.5, 3.10.5, and 5.7.0, the SpreadsheetML XML reader Reader\Xml does not validate the ss:Index row attribute against the maximum allowed row count AddressRange::MAXROW = 1,048,576. An attack...
CVE-2026-45680 OpenTelemetry eBPF Instrumentation: Unbounded BPF internal metrics replay can exhaust CPU
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI replays BPF probe hits into histogram observations by looping once per recorded run count. On busy systems, the run-count delta can become very large, causing the...
IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward
...
ImageMagick security vulnerabilities
ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. ImageMagick has security vulnerabilities; these vulnerabilities stem from infinite loops in the MIFF decoder, which can lead to CPU...
Elastic Kibana 安全漏洞
Elastic Kibana is a data visualization dashboard software provided by the Elastic company. There is a security vulnerability in Elastic Kibana, which stems from uncontrolled resource consumption. This vulnerability may allow authenticated users to cause excessive memory and CPU resource consumpti...
synapse 安全漏洞
Synapse is an open-source matrix main server developed by Element. Versions prior to 1.152.1 of Synapse contained a security vulnerability. This vulnerability occurred due to locally authenticated users being able to exhaust CPU resources, causing other requests to fail and leading to...
EUVD-2026-32043
IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward compares length $offset the digit count of the offset, 1 to 19 against the chunk size $c instead of $offset itself, so $c shrinks from 16 KiB to 1-19 bytes per iteration...
Amazon Linux 2023 : containerd, containerd-stress (ALAS2023-2026-1737)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1737 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...