CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

RedhatCVE•added 2026/05/25 11:42 p.m.•15 views

CVE-2026-42440

A flaw was found in Apache OpenNLP. A remote attacker can exploit this vulnerability by providing a specially crafted binary model .bin file. This file contains an excessively large count field, which leads to an unbounded array allocation and triggers an OutOfMemoryError. Successful exploitation...

7.5CVSS5.8AI score0.00478EPSS

Exploits0References5

RedhatCVE•added 2026/05/18 7:59 p.m.•8 views

CVE-2026-8751

A security flaw has been discovered in h2oai h2o-3 up to 7402. This affects the function importBinaryModel of the file h2o-core/src/main/java/hex/Model.java of the component JAR Handler. Performing a manipulation results in deserialization. The attack is possible to be carried out remotely. The...

9.8CVSS6.7AI score0.00409EPSS

Exploits0References1

EUVD•added 2026/05/17 11:30 a.m.•15 views

EUVD-2026-30697

7.5CVSS6.7AI score0.00409EPSS

Exploits0References4

CNNVD•added 2026/05/17 12:0 a.m.•7 views

H2O 输入验证错误漏洞

H2O is an open-source memory platform for distributed, scalable machine learning developed by H2O.ai. Versions of H2O 7402 and earlier contained a vulnerability related to input validation errors. This vulnerability stemmed from a deserialization issue in the importBinaryModel function of the...

9.8CVSS7.1AI score0.00409EPSS

Exploits0References2

OSV•added 2026/05/04 5:16 p.m.•4 views

DEBIAN-CVE-2026-42440

OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader Versions Affected: before 2.5.9 before 3.0.0-M3 Description: The AbstractModelReader methods getOutcomes, getOutcomePatterns, and getPredicates each read a 32-bit signed integer count field from a binary...

7.5CVSS5.9AI score0.00478EPSS

Exploits0References1