17 matches found
CVE-2026-35457
libp2p-rust is the official rust language Implementation of the libp2p networking stack. Prior to 0.17.1, the rendezvous server stores pagination cookies without bounds. An unauthenticated peer can repeatedly issue DISCOVER requests and force unbounded memory growth. This vulnerability is fixed i...
CVE-2026-35457
libp2p-rust is the official rust language Implementation of the libp2p networking stack. Prior to 0.17.1, the rendezvous server stores pagination cookies without bounds. An unauthenticated peer can repeatedly issue DISCOVER requests and force unbounded memory growth. This vulnerability is fixed i...
CVE-2026-35405 libp2p-rendezvous: Unlimited namespace registrations per peer enables OOM DoS on rendezvous servers
libp2p-rust is the official rust language Implementation of the libp2p networking stack. Prior to 0.17.1, libp2p-rendezvous server has no limit on how many namespaces a single peer can register. A malicious peer can just keep registering unique namespaces in a loop and the server happily accepts...
CVE-2026-35405 libp2p-rendezvous: Unlimited namespace registrations per peer enables OOM DoS on rendezvous servers
libp2p-rust is the official rust language Implementation of the libp2p networking stack. Prior to 0.17.1, libp2p-rendezvous server has no limit on how many namespaces a single peer can register. A malicious peer can just keep registering unique namespaces in a loop and the server happily accepts...
libp2p-rendezvous: Unbounded rendezvous DISCOVER cookies enable remote memory exhaustion
Summary The rendezvous server stores pagination cookies without bounds. An unauthenticated peer can repeatedly issue DISCOVER requests and force unbounded memory growth. Details Pagination state is stored in: rs HashMap On Message::Discover: remote peer → DISCOVER → handlerequest →...
GHSA-CQFX-GF56-8X59 libp2p-rendezvous: Unlimited namespace registrations per peer enables OOM DoS on rendezvous servers
Summary found that libp2p-rendezvous server has no limit on how many namespaces a single peer can register. a malicious peer can just keep registering unique namespaces in a loop and the server happily accepts every single one allocating memory for each registration with no pushback. keep doing...
libp2p-rendezvous: Unlimited namespace registrations per peer enables OOM DoS on rendezvous servers
Summary found that libp2p-rendezvous server has no limit on how many namespaces a single peer can register. a malicious peer can just keep registering unique namespaces in a loop and the server happily accepts every single one allocating memory for each registration with no pushback. keep doing...
PT-2026-30324
Name of the Vulnerable Software and Affected Versions libp2p-rendezvous versions prior to 0.56.1 Description The libp2p-rendezvous server is susceptible to an Out-of-Memory OOM Denial of Service DoS condition. The server does not limit the number of namespaces a single peer can register. A...
PT-2026-30338
Name of the Vulnerable Software and Affected Versions libp2p-rendezvous affected versions not specified Description The rendezvous server stores pagination cookies without bounds, leading to unbounded memory growth. An unauthenticated peer can repeatedly issue DISCOVER requests to exploit this...
CVE-2026-30784
Missing Authorization, Missing Authentication for Critical Function vulnerability in rustdesk-server RustDesk Server rustdesk-server, rustdesk-server-pro on hbbs/hbbr on all server platforms Rendezvous server hbbs, relay server hbbr modules allows Privilege Abuse. This vulnerability is associated...
SUSE CVE-2026-30784
This CVE ID has been withdrawn by its CVE Numbering Authority...
CVE-2026-30784
Rejected reason: This CVE ID has been withdrawn by its CVE Numbering Authority...
CVE-2026-30784
...
CVE-2026-30784
This CVE ID has been withdrawn by its CVE Numbering Authority...
CVE-2026-30784
...
CVE-2026-30784
CVE-2026-30784 entry is rejected/not used and does not represent an active vulnerability.
PT-2026-23465
Missing Authorization, Missing Authentication for Critical Function vulnerability in rustdesk-server RustDesk Server rustdesk-server, rustdesk-server-pro on hbbs/hbbr on all server platforms Rendezvous server hbbs, relay server hbbr modules allows Privilege Abuse. This vulnerability is associated...