CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/03/18 8:32 p.m.•2 views

CVE-2026-31972 samtools mpileup has use-after-free leading to an invalid read

6.9CVSS5.7AI score0.00023EPSS

Debian CVE•added 2026/03/18 8:32 p.m.•3 views

CVE-2026-31972

9.8CVSS5.3AI score0.00023EPSS

Exploits0

EUVD•added 2026/03/18 8:32 p.m.•1 views

EUVD-2026-12956

6.9CVSS5.7AI score0.00023EPSS

OSV•added 2026/03/18 8:16 p.m.•4 views

UBUNTU-CVE-2026-31966

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. As one method of removing redundant data, CRAM uses reference-based compression so that instead of storing the full sequence for each alignment record it...

9.1CVSS6.1AI score0.00022EPSS

Exploits0References6

EUVD•added 2026/03/18 7:38 p.m.•4 views

EUVD-2026-12942

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. For the VARINT and CONST encodings, incomplete validation of the context in which the encodings were...

8.8CVSS6.2AI score0.0002EPSS

NVD•added 2026/03/18 7:16 p.m.•3 views

CVE-2026-31963

8.8CVSS0.00061EPSS

EUVD•added 2026/03/18 7:15 p.m.•4 views

EUVD-2026-12938

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. In the cramdecodeslice function called while reading CRAM records, the value of the mate reference id field was not validated. Later use of this value, fo...

6.9CVSS5.7AI score0.00024EPSS

CNNVD•added 2026/03/18 12:0 a.m.•2 views

HTSlib 安全漏洞

HTSlib is a C-language library file developed by samtools. Versions of HTSlib prior to 1.23.1, 1.22.2, and 1.21.1 have security vulnerabilities. These vulnerabilities stem from the bgzfindexloadhfile function, which involves integer overflows, potentially leading to heap buffer overflows...

8.1CVSS5.9AI score0.0005EPSS

Exploits0References3

CNNVD•added 2026/03/18 12:0 a.m.•2 views

HTSlib 缓冲区错误漏洞

HTSlib is a C-language library developed by samtools. Versions of HTSlib prior to 1.23.1, 1.22.2, and 1.21.1 contain a buffer error vulnerability. This vulnerability stems from a single-digit error during the decoding of CRAM features, which may lead to a heap buffer overflow...

8.8CVSS6.1AI score0.00061EPSS

Exploits0References3

Positive Technologies•added 2026/01/01 12:0 a.m.•4 views

PT-2026-26142

9.1CVSS6AI score0.00022EPSS

Exploits0References8

RedHat Linux•added 2025/05/27 11:49 a.m.•2 views

unbound: Unbounded name compression could lead to Denial of Service

A flaw was found in Unbound which can lead to degraded performance and an eventual denial of service when handling replies with very large RRsets that require name compression to be applied. Versions prior to 1.21.1 do not have a hard limit on the number of name compression calculations that...

RedHat Linux•added 2024/12/17 8:0 p.m.•1 views

unbound: Unbounded name compression could lead to Denial of Service

RedHat Linux•added 2024/12/17 6:55 p.m.•2 views

unbound: Unbounded name compression could lead to Denial of Service

OSV•added 2024/10/18 11:9 a.m.•1 views

OESA-2024-2266 unbound security update

Unbound is a validating, recursive, caching DNS resolver. It is designed to be fast and lean and incorporates modern features based on open standards. To help increase online privacy, Unbound supports DNS-over-TLS which allows clients to encrypt their communication. Unbound is available for most...

5.3CVSS6.6AI score0.00163EPSS

Amazon•added 2024/10/14 12:0 a.m.•5 views

Medium: unbound

Issue Overview: NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying...