CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

54 matches found

CVE-2026-42793

Allocation of Resources Without Limits or Throttling vulnerability in absinthe-graphql absinthe allows unauthenticated denial of service via atom table exhaustion when parsing attacker-controlled GraphQL SDL. Multiple Blueprint.Draft.convert/2 implementations in Absinthe's SDL language modules ca...

8.2CVSS5.6AI score0.0003EPSS

Exploits1References1

RedhatCVE•added 5 days ago•10 views

CVE-2026-48597

Allocation of Resources Without Limits or Throttling vulnerability in elixir-tesla tesla allows denial of service via atom table exhaustion in Tesla.Adapter.Mint. Tesla.Adapter.Mint.openconn/2 converts the URL scheme of every outgoing request to a BEAM atom via String.toatomuri.scheme with no...

8.2CVSS5.8AI score0.00055EPSS

Exploits0References1

Vulnrichment•added last week•6 views

CVE-2026-48597 Atom table exhaustion via untrusted URL scheme in Tesla.Adapter.Mint

8.2CVSS5.8AI score0.00055EPSS

Exploits0References4

CVE•added last week•11 views

CVE-2026-48597

The vulnerability CVE-2026-48597 affects elixir-tesla (Tesla) where Tesla.Adapter.Mint.open_conn/2 converts each outgoing request URL scheme to a BEAM atom using String.to_atom(uri.scheme) without an allow-list. Since BEAM atoms are not garbage-collected, an attacker who can influence the request...

8.2CVSS5.8AI score0.00055EPSS

Exploits0References4

EUVD•added last week•8 views

EUVD-2026-34013

8.2CVSS5.8AI score0.00055EPSS

Exploits0References4

OSV•added last week•6 views

EEF-CVE-2026-48597 Atom table exhaustion via untrusted URL scheme in Tesla.Adapter.Mint

Summary Allocation of Resources Without Limits or Throttling vulnerability in elixir-tesla tesla allows denial of service via atom table exhaustion in Tesla.Adapter.Mint. Tesla.Adapter.Mint.openconn/2 converts the URL scheme of every outgoing request to a BEAM atom via String.toatomuri.scheme wit...

8.2CVSS5.8AI score0.00055EPSS

Exploits0References4

Positive Technologies•added 2026/06/02 12:0 a.m.•9 views

PT-2026-45840

Allocation of Resources Without Limits or Throttling vulnerability in elixir-tesla tesla allows denial of service via atom table exhaustion in Tesla.Adapter.Mint. Tesla.Adapter.Mint.open conn/2 converts the URL scheme of every outgoing request to a BEAM atom via String.to atomuri.scheme with no...

8.2CVSS5.8AI score0.00055EPSS

Exploits0References5

RedhatCVE•added 2026/05/26 8:14 p.m.•7 views

CVE-2026-47067

Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. The URL parser in src/hackneyurl.erl converts every unrecognized URL scheme to a permanent BEAM atom via binarytoatom/2. BEAM atoms are never garbage-collected and the atom table defaults to a...

8.7CVSS5.8AI score0.00049EPSS

Exploits1References1

NVD•added 2026/05/25 3:16 p.m.•10 views

CVE-2026-47067

8.7CVSS0.00049EPSS

Exploits1References4

Vulnrichment•added 2026/05/25 2:0 p.m.•5 views

CVE-2026-47067 Atom table exhaustion via unrecognized URL schemes in hackney

8.7CVSS5.8AI score0.00049EPSS

Exploits1References4

Cvelist•added 2026/05/25 2:0 p.m.•29 views

CVE-2026-47067 Atom table exhaustion via unrecognized URL schemes in hackney

8.7CVSS0.00049EPSS

Exploits1References4

EUVD•added 2026/05/25 2:0 p.m.•8 views

EUVD-2026-31691

8.7CVSS5.8AI score0.00049EPSS

Exploits1References4

ATTACKERKB•added 2026/05/25 2:0 p.m.•7 views

CVE-2026-47067

8.7CVSS5.8AI score0.00049EPSS

Exploits1References5Affected Software1

CVE•added 2026/05/25 2:0 p.m.•15 views

CVE-2026-47067

Affected software: hackney (Erlang HTTP client). Vulnerability description: The URL parser in src/hackney_url.erl converts every unrecognized URL scheme to a permanent BEAM atom via binary_to_atom/2. BEAM atoms are never garbage-collected, and the atom table maxes out at 1,048,576 entries. An att...

8.7CVSS5.8AI score0.00049EPSS

Exploits1References4Affected Software1

CNNVD•added 2026/05/25 12:0 a.m.•6 views

Hackney 安全漏洞

Hackney is a program library from Hackney, Inc. A security vulnerability exists in Hackney versions prior to 2.0.0 to 4.0.1 that stems from the URL parser converting unrecognized URL schemes into permanent BEAM atoms, which could lead to atom table exhaustion and BEAM VM crashes...

8.7CVSS5.8AI score0.00049EPSS

Exploits1References4

RedhatCVE•added 2026/05/21 7:57 p.m.•3 views

CVE-2026-8469

Allocation of Resources Without Limits or Throttling vulnerability in phenixdigital phoenixstorybook allows unauthenticated denial-of-service via BEAM atom table exhaustion. Multiple LiveView event handlers convert user-supplied event parameter strings to atoms using String.toatom/1 without...

8.2CVSS5.8AI score0.00056EPSS

Exploits0References1

NVD•added 2026/05/20 2:17 p.m.•8 views

CVE-2026-8469

8.2CVSS0.00056EPSS

Exploits0References4

Cvelist•added 2026/05/20 1:35 p.m.•34 views

CVE-2026-8469 Unauthenticated denial-of-service via BEAM atom table exhaustion in phoenix_storybook

8.2CVSS0.00056EPSS

Exploits0References4

Vulnrichment•added 2026/05/20 1:35 p.m.•4 views

CVE-2026-8469 Unauthenticated denial-of-service via BEAM atom table exhaustion in phoenix_storybook