3997 matches found

Cvelist
added 2026/04/12 7:23 p.m. | 18 views

CVE-2026-40396

Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service (daemon panic) after timeout_linger. A malicious client could send an HTTP/1 request, wait long enough until the session releases its worker thread (timeout_linger) and resume traffic before the session is closed (timeout_idle)...

CVSS 4 | EPSS 0.00347 | Exploits 0 | References 2

Vulnrichment
added 2026/04/12 7:23 p.m. | 0 views

CVE-2026-40396

Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service (daemon panic) after timeout_linger. A malicious client could send an HTTP/1 request, wait long enough until the session releases its worker thread (timeout_linger) and resume traffic before the session is closed (timeout_idle)...

CVSS 4 | AI score 5.9 | EPSS 0.00347 | Exploits 0 | References 2

ATTACKERKB
added 2026/04/12 7:23 p.m. | 3 views

CVE-2026-40396

Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service (daemon panic) after timeout_linger. A malicious client could send an HTTP/1 request, wait long enough until the session releases its worker thread (timeout_linger) and resume traffic before the session is closed (timeout_idle)...

CVSS 4 | AI score 5.9 | EPSS 0.00347 | Exploits 0 | References 3 | Affected Software 1

CVE
added 2026/04/12 7:23 p.m. | 8 views

CVE-2026-40396

Varnish Cache 9 prior to 9.0.1 is affected by a workspace overflow DoS (daemon panic) that can be triggered by a malicious HTTP/1 request sequence: after timeout_linger releases a worker thread, resuming traffic with multiple requests before the session closes (timeout_idle) can cause a pipelinin...

CVSS 7.5 | AI score 5.9 | EPSS 0.00347 | Exploits 0 | References 2 | Affected Software 1

Debian CVE
added 2026/04/12 7:23 p.m. | 5 views

CVE-2026-40396

Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service (daemon panic) after timeout_linger. A malicious client could send an HTTP/1 request, wait long enough until the session releases its worker thread (timeout_linger) and resume traffic before the session is closed (timeout_idle)...

CVSS 7.5 | AI score 5.5 | EPSS 0.00347 | Exploits 0

Cvelist
added 2026/04/12 7:21 p.m. | 19 views

CVE-2026-40395

Varnish Enterprise before 6.0.16r12 allows a "workspace overflow" denial of service (daemon panic) for shared VCL. The headerplus.write_req0 function from vmod_headerplus updates the underlying req0, which is normally the original read-only request from which req is derived readable and writable from...

CVSS 4 | EPSS 0.00236 | Exploits 0 | References 1

ATTACKERKB
added 2026/04/12 7:21 p.m. | 2 views

CVE-2026-40395

Varnish Enterprise before 6.0.16r12 allows a "workspace overflow" denial of service (daemon panic) for shared VCL. The headerplus.write_req0 function from vmod_headerplus updates the underlying req0, which is normally the original read-only request from which req is derived readable and writable from...

CVSS 4 | AI score 5.9 | EPSS 0.00236 | Exploits 0 | References 2 | Affected Software 1

Vulnrichment
added 2026/04/12 7:21 p.m. | 0 views

CVE-2026-40395

Varnish Enterprise before 6.0.16r12 allows a "workspace overflow" denial of service (daemon panic) for shared VCL. The headerplus.write_req0 function from vmod_headerplus updates the underlying req0, which is normally the original read-only request from which req is derived readable and writable from...

CVSS 4 | AI score 5.9 | EPSS 0.00236 | Exploits 0 | References 1

CVE
added 2026/04/12 7:21 p.m. | 7 views

CVE-2026-40395

CVE-2026-40395 affects Varnish Enterprise prior to 6.0.16r12. A workspace overflow can occur in the vmod_headerplus module when header fields are excessive in a modified req0, causing a daemon panic and Denial of Service. Details in multiple sources describe the root cause as the headerplus.write...

CVSS 7.5 | AI score 5.9 | EPSS 0.00236 | Exploits 0 | References 1 | Affected Software 1

Debian CVE
added 2026/04/12 7:21 p.m. | 1 views

CVE-2026-40395

Varnish Enterprise before 6.0.16r12 allows a "workspace overflow" denial of service (daemon panic) for shared VCL. The headerplus.write_req0 function from vmod_headerplus updates the underlying req0, which is normally the original read-only request from which req is derived readable and writable from...

CVSS 7.5 | AI score 5.6 | EPSS 0.00236 | Exploits 0

Cvelist
added 2026/04/12 7:17 p.m. | 18 views

CVE-2026-40394

Varnish Cache 9 before 9.0.1 and Varnish Enterprise before 6.0.16r11 allows a "workspace overflow" denial of service (daemon panic) for certain amounts of prefetched data. The setup of an HTTP/2 session starts with a speculative HTTP/1 transport, and upon upgrading to h2 the HTTP/1 request is...

CVSS 4 | EPSS 0.00236 | Exploits 0 | References 1

ATTACKERKB
added 2026/04/12 7:17 p.m. | 1 views

CVE-2026-40394

Varnish Cache 9 before 9.0.1 and Varnish Enterprise before 6.0.16r11 allows a "workspace overflow" denial of service (daemon panic) for certain amounts of prefetched data. The setup of an HTTP/2 session starts with a speculative HTTP/1 transport, and upon upgrading to h2 the HTTP/1 request is...

CVSS 4 | AI score 6 | EPSS 0.00236 | Exploits 0 | References 2 | Affected Software 1

Vulnrichment
added 2026/04/12 7:17 p.m. | 3 views

CVE-2026-40394

Varnish Cache 9 before 9.0.1 and Varnish Enterprise before 6.0.16r11 allows a "workspace overflow" denial of service (daemon panic) for certain amounts of prefetched data. The setup of an HTTP/2 session starts with a speculative HTTP/1 transport, and upon upgrading to h2 the HTTP/1 request is...

CVSS 4 | AI score 6 | EPSS 0.00236 | Exploits 0 | References 1

Debian CVE
added 2026/04/12 7:17 p.m. | 1 views

CVE-2026-40394

Varnish Cache 9 before 9.0.1 and Varnish Enterprise before 6.0.16r11 allows a "workspace overflow" denial of service (daemon panic) for certain amounts of prefetched data. The setup of an HTTP/2 session starts with a speculative HTTP/1 transport, and upon upgrading to h2 the HTTP/1 request is...

CVSS 7.5 | AI score 5.6 | EPSS 0.00236 | Exploits 0

CVE
added 2026/04/12 7:17 p.m. | 16 views

CVE-2026-40394

Varnish Cache 9 before 9.0.1 and Varnish Enterprise before 6.0.16r11 are affected by a workspace overflow during HTTP/2 session upgrade. The vulnerability arises when the HTTP/2 upgrade path repurposes an HTTP/1 request as stream zero and allocates a buffer to reserve space for frames, which can ...

CVSS 7.5 | AI score 6 | EPSS 0.00236 | Exploits 0 | References 1 | Affected Software 1

Positive Technologies
added 2026/04/12 12:0 a.m. | 2 views

PT-2026-32183

Name of the Vulnerable Software and Affected Versions: Varnish Cache versions prior to 9.0.1; Varnish Enterprise versions prior to 6.0.16r11. Description: Varnish Cache and Varnish Enterprise are susceptible to a denial of service daemon panic due to a workspace overflow. This occurs when handling...

CVSS 4 | AI score 6.1 | EPSS 0.00236 | Exploits 0 | References 4

Positive Technologies
added 2026/04/12 12:0 a.m. | 2 views

PT-2026-32185

Name of the Vulnerable Software and Affected Versions: Varnish Cache versions prior to 9.0.1. Description: Varnish Cache 9 before 9.0.1 is susceptible to a denial of service due to a workspace overflow, potentially leading to a daemon panic. A malicious client can exploit this by sending an HTTP/1...

CVSS 4 | AI score 5.8 | EPSS 0.00347 | Exploits 0 | References 5

Positive Technologies
added 2026/04/12 12:0 a.m. | 1 views

PT-2026-32184

Name of the Vulnerable Software and Affected Versions: Varnish Enterprise versions prior to 6.0.16r12. Description: Varnish Enterprise versions before 6.0.16r12 are susceptible to a denial of service daemon panic due to a workspace overflow when handling shared VCL. The headerplus.write_req0 functio...

CVSS 4 | AI score 5.9 | EPSS 0.00236 | Exploits 0 | References 4

CNNVD
added 2026/04/12 12:0 a.m. | 4 views

Varnish Enterprise Security Vulnerability

Varnish Enterprise is a high-performance caching software developed by the Varnish company. It is designed for handling high-traffic scenarios and optimizing business operations. Versions of Varnish Enterprise prior to 6.0.16r12 contained security vulnerabilities. These vulnerabilities stemmed fr...

CVSS 7.5 | AI score 5.9 | EPSS 0.00236 | Exploits 0 | References 1

OSV
added 2026/04/10 7:32 p.m. | 2 views

GHSA-VW86-C94W-V3X4 SiYuan: Publish Reader Path Traversal Delete via `removeUnusedAttributeView`

Summary: The endpoint `/api/av/removeUnusedAttributeView` is vulnerable to a path traversal (CWE-22) that allows an attacker to delete arbitrary .json files on the server. The issue arises because user-controlled input `id` is directly used in filesystem path construction without validation or...

CVSS 8.5 | AI score 6 | EPSS 0.00287 | Exploits 0 | References 4