Lucene search
K

774 matches found

Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-57220 RabbitMQ: Stream listener does not enforce configured frame-size limit during authentication, permitting unauth'd mem-exhaust DoS

RabbitMQ is a messaging and streaming broker. Prior to 4.2.6, the RabbitMQ stream listener does not enforce the configured stream frame-size limit while assembling frames during authentication and before Tune negotiation, allowing an unauthenticated remote client to declare oversized frame length...

7.5CVSS0.00429EPSS
Exploits1References6
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-42920

Several Grafana API endpoints, some of them unauthenticated, do not limit the size of the request body before processing it. An attacker can send very large payloads that force excessive memory allocation, potentially exhausting memory and causing a denial of service...

7.5CVSS6.1AI score0.0038EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-42904

Grav before 2.0.1 contains a decompression bomb vulnerability in ZipArchiver::extract that lacks limits on uncompressed size, file count, and nesting depth. Attackers can supply a crafted ZIP archive that expands to fill available disk space, causing denial of service by exhausting storage...

7.1CVSS6.1AI score0.00249EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 3 days ago8 views

PT-2026-57305

Name of the Vulnerable Software and Affected Versions RabbitMQ versions prior to 4.2.6 Description The RabbitMQ stream listener fails to enforce the configured stream frame-size limit when assembling frames during authentication and before Tune negotiation. This allows an unauthenticated remote...

7.5CVSS6.1AI score0.00429EPSS
Exploits1References8
ATTACKERKB
ATTACKERKB
added 4 days ago6 views

CVE-2026-31984

A denial-of-service vulnerability caused by unbounded resource allocation was discovered in the audit logging functionality, due to a missing size limit on input recorded into audit entries. An unauthenticated attacker can submit requests containing excessively large input that is recorded into...

8.7CVSS6AI score0.00274EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago30 views

CVE-2026-55078 Coder: Zip upload decompression lacks aggregate size limit, enabling denial of service

Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.17.0 and prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, POST /api/v2/files converts zip uploads to tar in memory via CreateTarFromZip, which enforced a per-entry size limit but no...

6.5CVSS0.00602EPSS
Exploits0References6
CVE
CVE
added 6 days ago20 views

CVE-2026-55078

Summary: CVE-2026-55078 affects Coder’s remote development environment provisioning via Terraform. The issue lies in POST /api/v2/files where zip uploads are decompressed to tar in memory by CreateTarFromZip, with a per-entry size limit but no aggregate decompression limit, writing to an unbounde...

6.5CVSS6AI score0.00602EPSS
Exploits0References6Affected Software1
OSV
OSV
added 6 days ago8 views

GO-2026-5916 Coder: Zip upload decompression lacks aggregate size limit, enabling denial of service in github.com/coder/coder

Coder: Zip upload decompression lacks aggregate size limit, enabling denial of service in github.com/coder/coder...

6.5CVSS5.9AI score0.00602EPSS
Exploits0References2
CVE
CVE
added 2026/07/06 7:41 p.m.15 views

CVE-2026-55646

CVE-2026-55646 (vLLM) affects vLLM versions 0.22.0–0.23.0. The routes /v1/audio/transcriptions and /v1/audio/translations call request.file.read() to fully materialize an uploaded audio file before enforcing the documented size limit (default 25 MB). This can cause the server to allocate memory p...

6.5CVSS6AI score0.00289EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/07/06 7:41 p.m.2 views

CVE-2026-55646 vLLM speech-to-text endpoints allocate full upload before enforcing the audio file-size limit

vLLM is an inference and serving engine for large language models. From 0.22.0 to 0.23.0, the /v1/audio/transcriptions and /v1/audio/translations routes call request.file.read to fully materialize an uploaded audio file into memory before vLLM checks the documented VLLMMAXAUDIOCLIPFILESIZEMB...

6.5CVSS6AI score0.00289EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/06 7:35 p.m.35 views

CVE-2026-53763 OP-TEE has AES-GCM 32-bit integer overflow in length counters that breaks authentication guarantee

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.0.0 and prior to version 4.11.0, 32-bit integer overflows in OP-TEE core's AES-GCM implementation cause the...

3.8CVSS0.00149EPSS
Exploits0References1
NVD
NVD
added 2026/07/06 4:16 p.m.7 views

CVE-2026-58203

pydantic-settings provides settings management using Pydantic. From 2.12.0 until 2.14.2, NestedSecretsSettingsSource reads secret values from files in a configured secretsdir. When secretsnestedsubdir=True, a directory entry inside secretsdir that is a symbolic link pointing outside secretsdir is...

5.3CVSS0.00138EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/06 2:24 p.m.13 views

EUVD-2026-41878

pydantic-settings provides settings management using Pydantic. From 2.12.0 until 2.14.2, NestedSecretsSettingsSource reads secret values from files in a configured secretsdir. When secretsnestedsubdir=True, a directory entry inside secretsdir that is a symbolic link pointing outside secretsdir is...

5.3CVSS6AI score0.00138EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 2:24 p.m.4 views

CVE-2026-58203

pydantic-settings provides settings management using Pydantic. From 2.12.0 until 2.14.2, NestedSecretsSettingsSource reads secret values from files in a configured secretsdir. When secretsnestedsubdir=True, a directory entry inside secretsdir that is a symbolic link pointing outside secretsdir is...

5.3CVSS6AI score0.00138EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/07/06 2:24 p.m.3 views

CVE-2026-58203 NestedSecretsSettingsSource follows symlinks outside secrets_dir, enabling local file read and bypassing secrets_dir_max_size

pydantic-settings provides settings management using Pydantic. From 2.12.0 until 2.14.2, NestedSecretsSettingsSource reads secret values from files in a configured secretsdir. When secretsnestedsubdir=True, a directory entry inside secretsdir that is a symbolic link pointing outside secretsdir is...

5.3CVSS6AI score0.00138EPSS
Exploits0References3
Snyk
Snyk
added 2026/07/01 7:24 p.m.5 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the lack of enforced limits in the HPackDecoder process. An attacker can exhaust system memory by sending oversized compressed header blocks before the HTTP/2 SETTINGS...

7.5CVSS6.1AI score0.00587EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/07/01 11:9 a.m.5 views

axios: Axios: Denial of Service due to unenforced request and response size limits

A flaw was found in Axios, a promise-based HTTP client. When using the fetch adapter, Axios did not properly enforce configured request and response size limits. This vulnerability allows a remote attacker, through a malicious or compromised server, or by supplying a large data URL, to send or...

7.5CVSS5.8AI score0.0063EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2026/06/27 1:52 a.m.7 views

SUSE CVE-2026-54448

Trivy is a security scanner. Prior to 0.71.0, when Trivy scans a Helm chart archive .tgz, its custom tar unpacker reads each entry with io.ReadAlltr and no size limit. An attacker who can place a malicious .tgz file in the scanned path can craft a small compressed archive that decompresses to...

6.5CVSS5.8AI score0.0025EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 8:59 p.m.3 views

GHSA-WPHV-VFRH-23Q5 joserfc: b64=false RFC7797 JWS payloads bypass JWSRegistry payload-size limits during deserialization

RFC7797 b64=false JWS payloads bypass JWSRegistry payload-size limits during deserialization Summary Testing revealed that joserfc accepts oversized RFC7797 b64=false JWS payloads without applying JWSRegistry.maxpayloadlength. The normal JWS compact and flattened JSON paths reject payloads above...

5.3CVSS5.7AI score0.00163EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/26 8:59 p.m.12 views

EUVD-2026-37805

joserfc: b64=false RFC7797 JWS payloads bypass JWSRegistry payload-size limits during deserialization...

5.3CVSS5.8AI score0.00163EPSS
Exploits0References3
Rows per page
Query Builder