Lucene search
K

3682 matches found

ATTACKERKB
ATTACKERKB
added 3 days ago3 views

CVE-2026-55574

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Prior to 0.24.0, the structuredoutputs.regex API parameter passes a user-supplied regular expression string directly to the grammar compiler backends with no compilation timeout; in the xgrammar backend the stri...

8.7CVSS5.9AI score0.00324EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 3 days ago5 views

CVE-2026-50557

A flaw was found in Angular's @angular/compiler and @angular/core packages. Namespaced script elements were not properly identified by the template preparser, and security context schema mappings did not consistently handle attributes within namespaced elements. An attacker who can inject templat...

6.1CVSS5.7AI score0.00206EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 3 days ago4 views

CVE-2026-14651

A flaw was found in grass, a Sass compiler. This vulnerability allows a local attacker to cause a Denial of Service DoS by manipulating specific functions within the compiler, such as grasscompiler::selector::extend or grasscompiler::evaluate::visitor. This can lead to the compiler becoming...

4.8CVSS5.8AI score0.00115EPSS
Exploits0References9
NVD
NVD
added 5 days ago6 views

CVE-2026-14651

A vulnerability has been found in connorskees grass up to 0.13.4. The impacted element is the function grasscompiler::selector::extend/grasscompiler::evaluate::visitor. The manipulation leads to denial of service. The attack must be carried out locally. The exploit has been disclosed to the publi...

4.8CVSS0.00115EPSS
Exploits0References6
NVD
NVD
added 5 days ago8 views

CVE-2026-14650

A flaw has been found in connorskees grass up to 0.13.4. The affected element is the function grasscompiler::rawtoparseerror of the component UTF-8 Character Handler. Executing a manipulation can lead to denial of service. The attack is restricted to local execution. The exploit has been publishe...

4.8CVSS0.00116EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago24 views

CVE-2026-14651 connorskees grass visitor denial of service

A vulnerability has been found in connorskees grass up to 0.13.4. The impacted element is the function grasscompiler::selector::extend/grasscompiler::evaluate::visitor. The manipulation leads to denial of service. The attack must be carried out locally. The exploit has been disclosed to the publi...

4.8CVSS0.00115EPSS
Exploits0References6
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-41695

A vulnerability has been found in connorskees grass up to 0.13.4. The impacted element is the function grasscompiler::selector::extend/grasscompiler::evaluate::visitor. The manipulation leads to denial of service. The attack must be carried out locally. The exploit has been disclosed to the publi...

4.8CVSS5.1AI score0.00115EPSS
Exploits0References6
EUVD
EUVD
added 5 days ago9 views

EUVD-2026-41694

A flaw has been found in connorskees grass up to 0.13.4. The affected element is the function grasscompiler::rawtoparseerror of the component UTF-8 Character Handler. Executing a manipulation can lead to denial of service. The attack is restricted to local execution. The exploit has been publishe...

4.8CVSS5.5AI score0.00116EPSS
Exploits0References6
CVE
CVE
added 5 days ago13 views

CVE-2026-14650

Technical details about CVE-2026-14650 are not publicly available in the provided documents. Monitor for updates.

4.8CVSS5.5AI score0.00116EPSS
Exploits0References6
OSV
OSV
added 2026/07/02 12:0 a.m.3 views

UBUNTU-CVE-2026-53346

In the Linux kernel, the following vulnerability has been resolved: rust: arm64: set uwtable llvm module flag for CONFIGUNWINDTABLES Due to a rustc bug 1 the -Cforce-unwind-tables=y flag only emits the uwtable annotation for functions, but not for the module. This means that compiler-generated...

5.7AI score0.00156EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/07/01 9:48 a.m.8 views

CVE-2026-57451

A flaw in Vim allows an attacker to cause a Denial of Service DoS via an application crash. If a user opens a maliciously crafted undo file, an out-of-bounds read is triggered in the gettextprops function due to missing length validation on property counts. Mitigation Users are advised to avoid...

6.1CVSS5.8AI score0.00113EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/26 6:24 p.m.8 views

CVE-2026-53110

A flaw was found in the Linux kernel's BPF Berkeley Packet Filter JIT Just-In-Time compiler for the s390x architecture. The system's Application Binary Interface ABI requires that unsigned arguments and return values be zero-extended. However, the BPF JIT compiler incorrectly performed only sign...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References4
NVD
NVD
added 2026/06/26 4:16 p.m.12 views

CVE-2026-21734

A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An...

7.7CVSS0.00118EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 3:14 p.m.29 views

CVE-2026-21734 GPU DDK - libusc OOB write at TreeRemove during WebGPU shader compilation

A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An...

0.00118EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 3:14 p.m.7 views

EUVD-2026-39785

A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An...

7.7CVSS5.8AI score0.00118EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 3:14 p.m.7 views

CVE-2026-21734

A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An...

7.7CVSS5.8AI score0.00118EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.13 views

PT-2026-52841

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A GPU shader compiler library contains a flaw where loading a web page with unusual GPU shader code can trigger an out-of-bounds write. This occurs during an edg...

7.7CVSS5.8AI score0.00118EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 4:30 p.m.5 views

EUVD-2026-38967

In the Linux kernel, the following vulnerability has been resolved: bpf: Switch CONFIGCFICLANG to CONFIGCFI This was renamed in commit 23ef9d439769 "kcfi: Rename CONFIGCFICLANG to CONFIGCFI" as it is now a compiler-agnostic option. Using the wrong name results in the code getting compiled out...

5.8AI score0.00156EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/22 3:27 p.m.6 views

EUVD-2026-38268

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, an issue in the @angular/compiler package allows bypassing DOM property sanitization through the use of two-way property...

5.3CVSS5.8AI score0.00195EPSS
Exploits0References3
CVE
CVE
added 2026/06/22 3:27 p.m.75 views

CVE-2026-54265

The CVE-2026-54265 issue affects the Angular @angular/compiler, where two-way binding on sensitive native DOM properties (e.g., innerHTML, src, href, data, sandbox) can bypass the sanitizer resolution. Prior to versions 22.0.1, 21.2.17, and 20.3.25, the template compiler failed to apply the appro...

6.1CVSS5.8AI score0.00195EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder