CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2 days ago•5 views

EUVD-2025-210280

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, StepThroughItemsBlock can iterate all the contents in a list and send them to FileStoreBlock for downloading one by one. Although FileStoreBlock has access...

8.7CVSS5.3AI score0.00019EPSS

Cvelist•added 2 days ago•15 views

CVE-2025-32422 AutoGPT has a DoS vulnerability in FileStoreBlock with StepThroughItemsBlock

8.7CVSS0.00019EPSS

CVE•added 2 days ago•7 views

CVE-2025-32392

AutoGPT (workflow automation platform) contains a DoS vulnerability in the LoopVideoBlock before version 0.6.63, where looping a video has no resource limits. The attacker can set an unbounded number of loops, causing an excessively large video file to be written to disk and thereby exhaust disk ...

8.7CVSS5.3AI score0.00019EPSS

Cvelist•added 2 days ago•14 views

CVE-2025-32392 AutoGPT has a DoS vulnerability in LoopVideoBlock

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, AutoGPT's LoopVideoBLock allows users to input a video file and process the video, such as looping it 5 times or extending the time, and finally writing it t...

8.7CVSS0.00019EPSS

Cvelist•added 2 days ago•15 views

CVE-2026-55204 HAProxy - NULL Pointer Dereference in hpack_dht_insert Function

HAProxy through 3.4.0, fixed in commit 9a6d1fe, contains a null pointer dereference vulnerability in hpackdhtinsert within src/hpack-tbl.c that fails to validate the return value of hpackdhtdefrag when the memory pool is exhausted. An attacker can trigger HPACK dynamic table insertions under memo...

8.7CVSS

EUVD•added 2 days ago•5 views

EUVD-2026-37906

8.7CVSS5.3AI score

CVE•added 2 days ago•8 views

CVE-2026-55204

HAProxy CVE-2026-55204 affects HAProxy up to version 3.4.0. It describes a null pointer dereference in the function hpack_dht_insert (in src/hpack-tbl.c) that fails to validate the return value of hpack_dht_defrag() when the memory pool is exhausted. Under memory pressure, HPACK dynamic table ins...

8.7CVSS5.3AI score

RedhatCVE•added 2 days ago•6 views

CVE-2026-34356

A flaw was found in Apache HTTP Server. This heap-based buffer overflow vulnerability can be exploited by a malicious backend server when using ProxyPassReverseCookie directives. This could lead to a denial of service DoS condition, making the server unavailable to legitimate users. Mitigation To...

7.5CVSS5.5AI score0.00732EPSS

RedhatCVE•added 2 days ago•5 views

CVE-2026-43951

A flaw was found in Apache HTTP Server. An out-of-bounds read vulnerability exists when modheaders and modmime are used with multiple response languages. This could allow a remote attacker to disclose sensitive information from memory or cause a denial of service. Mitigation - Those who do not...

6.5CVSS5.2AI score0.00525EPSS

EUVD•added 2 days ago•4 views

EUVD-2026-37902

A flaw was found in 389 Directory Server. During schema reload, the attrsyntaxswapht function unconditionally frees attribute syntax information nodes, bypassing the refcount-based deferred deletion used elsewhere in the attribute syntax subsystem. If an administrator triggers schema reload while...

5CVSS5.2AI score

Exploits0References3

CVE•added 2 days ago•11 views

CVE-2026-11791

The CVE-2026-11791 entry concerns 389 Directory Server (389-ds-base), where during schema reload the attr_syntax_swap_ht() function unconditionally frees attribute syntax information nodes, bypassing refcount-based deferred deletion. This can lead to use-after-free or double-free when LDAP query ...

5CVSS5.2AI score

Exploits0References3

RedhatCVE•added 2 days ago•5 views

CVE-2026-44185

A flaw was found in Apache HTTP Server. This buffer over-read vulnerability occurs when the server processes outbound Online Certificate Status Protocol OCSP requests directed to an attacker-controlled OCSP server. This could allow a remote attacker to read sensitive information from memory or...

7.3CVSS5.5AI score0.0047EPSS

RedhatCVE•added 2 days ago•4 views

CVE-2026-42536

A flaw was found in Apache HTTP Server, specifically within the modxml2enc module. This heap-based buffer overflow vulnerability can be triggered when processing untrusted content through the xml2StartParse function. A remote attacker could potentially exploit this to cause a denial of service,...

7.5CVSS6AI score0.00498EPSS

NVD•added 2 days ago•5 views

CVE-2026-8461

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS0.00346EPSS

NVD•added 2 days ago•6 views

CVE-2026-54224

UBB.threads is vulnerable to Denial of Service DoS. By sending multiple concurrent requests to view any user profile on instances with many registered users, an authenticated attacker can easily exhaust database resources and completely deny access to the application for other users. Because vend...

7.1CVSS0.00272EPSS

Microsoft CVE•added 2 days ago•5 views

Azure Bot Service Elevation of Privilege Vulnerability

Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network...

7.7CVSS5.9AI score

Exploits0

ATTACKERKB•added 2 days ago•2 views

CVE-2026-54224

7.1CVSS5.3AI score0.00293EPSS

Exploits0References3

CVE•added 2 days ago•8 views

CVE-2026-54224

UBB.threads is affected by a Denial of Service described in CVE-2026-54224. An authenticated attacker can trigger DoS by issuing multiple concurrent requests to view user profiles on instances with many registered users, exhausting database resources and denying access to the application for othe...

7.1CVSS5.3AI score0.00272EPSS