Lucene search
K

1157 matches found

OSV
OSV
added 2026/07/06 5:48 a.m.3 views

BIT-ELASTICSEARCH-2026-56148 Uncontrolled Recursion in Elasticsearch Leading to Denial of Service

Uncontrolled Recursion CWE-674 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted query that causes excessive resource consumption while the request is processed, which may render the affected node unavailable...

6.5CVSS6AI score0.00347EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/07/02 10:12 a.m.16 views

CVE-2026-44740

A flaw was found in Billy, an interface filesystem abstraction for Go. This vulnerability allows a remote attacker to cause a Denial of Service DoS by providing crafted or malformed input. The issue arises from insufficient validation and missing safety mechanisms when processing untrusted...

7.5CVSS6AI score0.00295EPSS
Exploits0References6
CVE
CVE
added 2026/07/02 12:0 a.m.12 views

CVE-2026-38970

The provided data confirms a concrete vulnerability in pdfcpu

7.5CVSS5.8AI score0.00451EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 5:16 p.m.6 views

CVE-2026-56148

Uncontrolled Recursion CWE-674 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted query that causes excessive resource consumption while the request is processed, which may render the affected node unavailable...

6.5CVSS0.00347EPSS
Exploits0References1
OSV
OSV
added 2026/07/01 5:16 p.m.5 views

UBUNTU-CVE-2026-56148

Uncontrolled Recursion CWE-674 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted query that causes excessive resource consumption while the request is processed, which may render the affected node unavailable...

6.5CVSS5.8AI score0.00347EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/01 4:17 p.m.37 views

CVE-2026-56148 Uncontrolled Recursion in Elasticsearch Leading to Denial of Service

Uncontrolled Recursion CWE-674 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted query that causes excessive resource consumption while the request is processed, which may render the affected node unavailable...

6.5CVSS0.00347EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/01 4:17 p.m.6 views

CVE-2026-56148

Uncontrolled Recursion CWE-674 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted query that causes excessive resource consumption while the request is processed, which may render the affected node unavailable...

6.5CVSS5.8AI score0.00347EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/07/01 4:17 p.m.9 views

EUVD-2026-41065

Uncontrolled Recursion CWE-674 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted query that causes excessive resource consumption while the request is processed, which may render the affected node unavailable...

6.5CVSS5.8AI score0.00347EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 4:17 p.m.54 views

CVE-2026-56148

CVE-2026-56148 — Elasticsearch Uncontrolled Recursion (DoS) Affected software: Elasticsearch (8.x and 9.x lines). What is vulnerable: Uncontrolled recursion in query processing that can cause excessive resource consumption, leading to denial of service on a node. Exposed to authenticated users wi...

6.5CVSS5.8AI score0.00347EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.8 views

PT-2026-54863

Name of the Vulnerable Software and Affected Versions Elasticsearch versions prior to 8.19.17 Elasticsearch versions prior to 9.3.6 Elasticsearch versions prior to 9.4.3 Description An authenticated user can trigger a denial of service by submitting a specially crafted query. This occurs due to...

6.5CVSS5.7AI score0.00347EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/29 7:10 p.m.26 views

CVE-2026-54888 Uncontrolled recursion over deeply nested Markdown crashes the BEAM in mdex

Uncontrolled Recursion vulnerability in leandrocp mdex allows denial of service via deeply nested Markdown input. mdex converts between an Elixir %MDEx.Document struct and Comrak's internal AST using two mutually recursive Rust functions, exdocumenttocomrakast and comrakasttoexdocument, in the NI...

6.9CVSS0.00168EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/29 7:10 p.m.6 views

CVE-2026-54888

Uncontrolled Recursion vulnerability in leandrocp mdex allows denial of service via deeply nested Markdown input. mdex converts between an Elixir %MDEx.Document struct and Comrak's internal AST using two mutually recursive Rust functions, exdocumenttocomrakast and comrakasttoexdocument, in the NI...

6.9CVSS5.9AI score0.00168EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2026/06/29 7:10 p.m.5 views

EEF-CVE-2026-54888 Uncontrolled recursion over deeply nested Markdown crashes the BEAM in mdex

Summary Uncontrolled Recursion vulnerability in leandrocp mdex allows denial of service via deeply nested Markdown input. mdex converts between an Elixir %MDEx.Document struct and Comrak's internal AST using two mutually recursive Rust functions, ex\document\to\comrak\ast and...

6.9CVSS5.9AI score0.00168EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/24 3:50 p.m.40 views

CVE-2026-54297 Faraday: Uncontrolled recursion in NestedParamsEncoder allows stack exhaustion DoS via deeply nested query parameters

Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. From 1.0.0 until 1.10.6 and 2.14.3, Faraday::NestedParamsEncoder, the default nested query parameter encoder/decoder in Faraday, decodes nested query strings without enforcing a maximum nestin...

7.5CVSS0.00391EPSS
Exploits1References1
OSV
OSV
added 2026/06/23 6:17 p.m.3 views

UBUNTU-CVE-2025-71382

MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by supplying a maliciously crafted EPUB file with deeply nested HTML elements and inline CSS styles. The function...

7.1CVSS6AI score0.00316EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/23 5:21 p.m.5 views

EUVD-2025-210322

MuPDF before 1.27.0-rc1 contains an uncontrolled recursion vulnerability in the EPUB CSS rendering engine that allows remote attackers to cause a denial of service by supplying a maliciously crafted EPUB file with deeply nested HTML elements and inline CSS styles. The function...

7.1CVSS6AI score0.00316EPSS
Exploits1References4
Snyk
Snyk
added 2026/06/22 2:22 p.m.4 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the NestedParamsEncoder module through the dehash routine. An attacker can cause the application to crash and exhaust system resources by submitting a deeply nested query string that triggers uncontrolled...

8.7CVSS5.9AI score0.00391EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/20 12:50 p.m.5 views

Security Bulletin: Multiple security vulnerabilities in .NET affect IBM Robotic Process Automation

Summary Multiple security vulnerabilities in .NET affect IBM Robotic Process Automation. .NET is used by IBM Robotic Process as part of it's development framework. This security bulletin identifies the fixes required to resolve these vulnerabilities Vulnerability Details CVEID:CVE-2026-26171...

7.5CVSS6.1AI score0.02142EPSS
Exploits2Affected Software1
Redos
Redos
added 2026/06/18 12:0 a.m.6 views

ROS-20260618-73-0026

The vulnerability in ImageMagick is related to uncontrolled recursion. Exploiting this vulnerability could allow an attacker to cause a service failure...

7.5CVSS5.3AI score0.0051EPSS
Exploits0
Redos
Redos
added 2026/06/18 12:0 a.m.5 views

ROS-20260618-73-0025

The vulnerability in ImageMagick 7 is related to uncontrolled recursion. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.5CVSS5.3AI score0.0051EPSS
Exploits0
Rows per page
Query Builder