CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

344 matches found

EUVD•added yesterday•10 views

EUVD-2026-34311

OHttpVersionChunkDraft: Missing Final-Chunk Enforcement Leads to Undetected Stream Truncation...

8.7CVSS5.8AI score0.00167EPSS

Exploits0References3

NVD•added 2026/06/11 8:16 p.m.•9 views

CVE-2026-53781

Summarize before 0.17.0 contains a resource exhaustion vulnerability that allows remote attackers to cause disk exhaustion by serving media responses that bypass the enforced size limit through missing or misreported Content-Length headers, chunked transfer encoding, or failed HEAD requests...

5.3CVSS0.00329EPSS

Exploits0References4

Cvelist•added 2026/06/11 7:11 p.m.•25 views

CVE-2026-53781 Summarize < 0.17.0 Disk Exhaustion via Uncapped Media Download

5.3CVSS0.00329EPSS

Exploits0References4

CVE•added 2026/06/11 7:11 p.m.•10 views

CVE-2026-53781

The CVE affects the Summarize utility prior to version 0.17.0. Vulnerable path is the temp-file-based media download, where an unbounded response can be streamed via the download/response path, causing disk and resource exhaustion. Root cause: responses bypass the enforced size limit due to missi...

5.3CVSS5.5AI score0.00329EPSS

Exploits0References4

Vulnrichment•added 2026/06/11 7:11 p.m.•9 views

CVE-2026-53781 Summarize < 0.17.0 Disk Exhaustion via Uncapped Media Download

5.3CVSS5.3AI score0.00329EPSS

Exploits0References4

Hacker One•added 2026/06/11 8:27 a.m.•19 views

curl: Duplicate chunked Transfer-Encoding lets a malicious origin smuggle a response across reused HTTP proxy connections

TL;DR A malicious HTTP origin can send Transfer-Encoding: chunked, chunked, gzip through a reusable HTTP proxy connection to bypass curl's "chunked must be last" guard, queue a forged HTTP response after its own response, and make curl parse that queued data as the response for a later request to...

5.5AI score

Exploits0

Positive Technologies•added 2026/06/11 12:0 a.m.•8 views

PT-2026-48731

5.3CVSS5.5AI score0.00329EPSS

Exploits0References5

RedhatCVE•added 2026/06/05 7:25 p.m.•8 views

CVE-2026-44456

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.16, bodyLimit does not reliably enforce maxSize for requests without a usable Content-Length e.g. Transfer-Encoding: chunked. Oversized requests can reach handlers and return 200 instead of 413. Th...

6.5CVSS5.5AI score0.00219EPSS

Exploits0References1

Snyk•added 2026/06/04 8:16 p.m.•5 views

Missing Cryptographic Step

Overview Affected versions of this package are vulnerable to Missing Cryptographic Step due to the lack of enforcement for receiving a cryptographically-signed final chunk before the termination of the outer HTTP body. An attacker can cause undetected truncation of chunked messages by forwarding...

8.7CVSS5.4AI score0.00167EPSS

Exploits0References2

SUSE CVE•added 2026/06/02 1:38 a.m.•9 views

SUSE CVE-2026-45352

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.43.4, negative chunk-size in chunked Transfer-Encoding causes unbounded memory allocation and process crash. The ChunkedDecoder::readpayload function in cpp-httplib httplib.h parses the chunk-size field o...

7.5CVSS5.7AI score0.00327EPSS

Exploits1References3

OSV•added 2026/05/29 8:16 p.m.•7 views

DEBIAN-CVE-2026-45352

7.5CVSS5.7AI score0.00327EPSS

Exploits1References1

OSV•added 2026/05/29 8:16 p.m.•6 views

UBUNTU-CVE-2026-45352

7.5CVSS5.7AI score0.00327EPSS

Exploits1References3

CVE•added 2026/05/29 7:14 p.m.•29 views

CVE-2026-45352

The CVE-2026-45352 issue affects cpp-httplib (header-only HTTP/HTTPS library). Before version 0.43.4, the ChunkedDecoder::read_payload routine parses the chunk-size in chunked Transfer-Encoding with std::strtoul(), which can silently accept a minus sign. This allows negative chunk sizes (e.g., "-...

7.5CVSS5.7AI score0.00327EPSS

Exploits1References1Affected Software1

Cvelist•added 2026/05/29 7:14 p.m.•42 views

CVE-2026-45352 cpp-httplib DoS: Negative chunk-size in chunked Transfer-Encoding

5.3CVSS0.00327EPSS

Exploits1References1

EUVD•added 2026/05/29 7:14 p.m.•11 views

EUVD-2026-33425

5.3CVSS5.7AI score0.00327EPSS

Exploits1References1

ATTACKERKB•added 2026/05/29 7:14 p.m.•8 views

CVE-2026-45352

5.3CVSS5.7AI score0.00327EPSS

Exploits1References2Affected Software1

Github Security Blog•added 2026/05/27 7:58 p.m.•10 views

CrowdSec AppSec silently drops request body for chunked / HTTP-2 requests

Summary The CrowdSec AppSec component fails to read the HTTP request body for any request whose Content-Length is not positive — most notably HTTP/1.1 requests using Transfer-Encoding: chunked and HTTP/2 requests sent without a content-length header. Coraza is then evaluated against an empty body...

5.9AI score0.00038EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2026/05/27 12:0 a.m.•11 views

PT-2026-44131

7.2CVSS5.9AI score0.00038EPSS

Exploits0References3

Github Security Blog•added 2026/05/19 7:25 p.m.•10 views

Bandit: Unauthenticated DoS via chunked request trailers in Bandit HTTP/1 decoder

Summary A worker-pinning denial of service in Bandit's HTTP/1 chunked transfer decoder. Any unauthenticated client that sends a Transfer-Encoding: chunked request whose body ends with a trailer field RFC 9112 §7.1.2 explicitly permits this causes the connection's worker process to spin forever in...

8.7CVSS5.9AI score0.00637EPSS

Exploits1References6Affected Software1

OSV•added 2026/05/19 7:23 p.m.•11 views

GHSA-9Q9Q-324X-93R2 Bandit: Unauthenticated one-shot DoS via `Transfer-Encoding: chunked`

Summary Bandit's HTTP/1 chunked-body reader silently drops the request size cap that the application configures e.g. Plug.Parsers' default 8 MB length: and buffers the entire body in memory before the application sees it. An unauthenticated attacker can crash any Bandit-fronted Phoenix/Plug app...

8.7CVSS5.8AI score0.00642EPSS

Exploits1References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by