CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/05/13 9:32 p.m.•9 views

EUVD-2026-30138

The Grafana Live push endpoint can be exploited to cause unbounded memory allocation by sending a large or streaming request body, potentially leading to out-of-memory conditions. An authenticated user with access to the Grafana Live API can trigger this issue...

6.5CVSS5.8AI score0.00016EPSS

Tenable Nessus•added 2026/05/11 12:0 a.m.•6 views

Unity Linux 20.1070e Security Update: netty (UTSA-2026-017795)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017795 advisory. The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large...

7.5CVSS6.9AI score0.04327EPSS

OSV•added 2026/05/07 1:54 a.m.•1 views

GHSA-FPF5-4JW8-67X8 rust-zserio has Unbounded Memory Allocation

Impact When deserializing arrays, strings or bytes blob types zserio first reads the size of the variable, and then allocates sufficient memory to load data. Since the size is always trusted this can be abused by creating a data file with a large size value, causing the zserio runtime to allocate...

7.5CVSS5.8AI score

CVE•added 2026/05/03 11:55 p.m.•7 views

CVE-2026-6948

CVE-2026-6948 affects Velociraptor servers prior to version 0.76.4, where the VQLResponse Result-Set Writer can allocate memory unboundedly in the agent control channel. A compromised Velociraptor client can trigger an Out-Of-Memory (OOM) condition, crashing the server by sending crafted messages...

4.9CVSS5.8AI score0.00016EPSS

Vulnrichment•added 2026/04/24 8:0 a.m.•2 views

CVE-2026-21728 Tempo query limit results in unbounded memory allocation

Tempo queries with large limits can cause large memory allocations which can impact the availability of the service, depending on its deployment strategy. Mitigation can be done by setting maxresultlimit in the search config, e.g. to 262144 2^18...

7.5CVSS5.2AI score0.00018EPSS

Snyk•added 2026/04/17 10:41 p.m.•0 views

Memory Allocation with Excessive Size Value

Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the endpoints.GetSessionCookie function. An attacker can exhaust system memory resources by sending specially crafted requests containing a large cookie chunk count, resulting in unbounded...

8.7CVSS5.8AI score0.00032EPSS

OSV•added 2026/04/16 8:44 p.m.•2 views

GHSA-353C-V8X9-V7C3 MCP-Framework: Unbounded memory allocation in readRequestBody allows denial of service via HTTP transport

Summary The readRequestBody function in src/transports/http/server.ts concatenates HTTP request body chunks into a string with no size limit, allowing a remote unauthenticated attacker to crash the server via memory exhaustion with a single large HTTP POST request. Details File:...

8.7CVSS5.9AI score0.00067EPSS

EUVD•added 2026/04/16 8:44 p.m.•1 views

EUVD-2026-23300

MCP-Framework: Unbounded memory allocation in readRequestBody allows denial of service via HTTP transport...

8.7CVSS5.8AI score0.00067EPSS

CVE•added 2026/03/16 11:6 a.m.•4 views

CVE-2026-2456

Mattermost is affected by CVE-2026-2456 due to an unbounded memory allocation when handling responses from integration action endpoints. A authenticated attacker can cause server memory exhaustion and a denial of service by having a malicious integration server return an arbitrarily large respons...

5.7CVSS5.8AI score0.00048EPSS

Exploits0References1Affected Software1

NVD•added 2026/03/11 8:16 p.m.•2 views

CVE-2026-31961

Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitation requires that Quill processes an attacker-supplied Mach-O binary, which is most likely in...

5.5CVSS0.00019EPSS

EUVD•added 2026/03/11 12:38 a.m.•1 views

EUVD-2026-11329

Quill has unbounded memory allocation via unvalidated size fields in Mach-O binary parsing...

5.5CVSS5.8AI score0.00019EPSS

Cvelist•added 2026/02/18 8:47 p.m.•17 views

CVE-2025-14876 Qemu-kvm: unbounded allocation in virtio-crypto

A flaw was found in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, leading to uncontrolled memory allocation. This can result in a denial of service DoS on the host system by causing the QEMU process to terminate...

5.5CVSS0.00005EPSS

RedhatCVE•added 2026/02/04 3:15 a.m.•4 views

CVE-2025-58346

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/sendaddts write operation, leading to kernel...

5.5CVSS5.6AI score0.0002EPSS

RedhatCVE•added 2026/02/04 3:15 a.m.•2 views

CVE-2025-58345

5.5CVSS5.6AI score0.0002EPSS

RedhatCVE•added 2026/02/04 3:15 a.m.•1 views

CVE-2025-58347

5.5CVSS5.6AI score0.00007EPSS

NVD•added 2026/02/03 6:16 p.m.•5 views

CVE-2025-58347

5.5CVSS0.00007EPSS

NVD•added 2026/02/03 6:16 p.m.•4 views

CVE-2025-58348

5.5CVSS0.00007EPSS

NVD•added 2026/02/03 6:16 p.m.•2 views

CVE-2025-58344

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation in a /proc/driver/unifi0/connlogeventbursttous write operation, leading to kernel memory...

6.2CVSS0.00007EPSS

Vulnrichment•added 2026/02/03 12:0 a.m.•2 views

CVE-2025-58343

5.6AI score0.00007EPSS