CVE-2026-50009 Netty QUIC stateless reset token material exposed through header-visible connection IDs

Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, Netty QUIC exposes the stateless reset token on the network path when using the default HMAC-based connection-ID and stateless-reset-token generators. The reset token for the...

EUVD-2025-4635

Malicious code in bioql PyPI...

EUVD-2025-4633

Malicious code in bioql PyPI...

EUVD-2025-9052

Malicious code in bioql PyPI...

CVE-2025-29908

Netty QUIC codec is a QUIC codec for netty which makes use of quiche. An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections...

Netty QUIC hash collision DoS attack

An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs. See...

Inefficient Algorithmic Complexity

Overview Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity through the codec process. An attacker can cause a considerable CPU load on the server by initiating connections with colliding Source Connection IDs SCIDs. Remediation Upgrade...

GHSA-HQQC-JR88-P6X2 Netty QUIC hash collision DoS attack

An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs. See...

CVE-2025-29908

Netty QUIC codec is a QUIC codec for netty which makes use of quiche. An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections...

CVE-2025-29908 Netty QUIC hash collision DoS attack

Netty QUIC codec is a QUIC codec for netty which makes use of quiche. An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections...

CVE-2025-29908 Netty QUIC hash collision DoS attack

Netty QUIC codec is a QUIC codec for netty which makes use of quiche. An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections...

CVE-2025-29908 Netty QUIC hash collision DoS attack

Netty QUIC codec is a QUIC codec for netty which makes use of quiche. An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections...

CVE-2025-29908

CVE-2025-29908 affects the Netty QUIC codec (netty-incubator-codec-quic) which uses quiche. The issue is a hash collision in the hash map that manages connections, allowing a remote attacker to induce a Hash DoS by initiating connections with colliding Source Connection IDs (SCIDs), causing consi...

Hash Collision Attack

tech.kwik, kwik is vulnerable to Hash collision attack. The vulnerability is due to a hash collision in the connection management hash table, allowing remote attackers to cause high CPU load via colliding Source Connection IDs SCIDs...

CVE-2025-23020

An issue was discovered in Kwik before 0.10.1. A hash collision vulnerability in the hash table used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs...

CVE-2025-24946

The hash table used to manage connections in picoquic before b80fd3f uses a weak hash function, allowing remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs...

GHSA-9F57-9RHG-4HVM Kwik hash collision vulnerability

An issue was discovered in Kwik before 0.10.1. A hash collision vulnerability in the hash table used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs...

CVE-2025-24946

The hash table used to manage connections in picoquic before b80fd3f uses a weak hash function, allowing remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs...

CVE-2025-24947

A hash collision vulnerability in the hash table used to manage connections in LSQUIC aka LiteSpeed QUIC before 4.2.0 allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs. This is caused by...

CVE-2025-24947

A hash collision vulnerability in the hash table used to manage connections in LSQUIC aka LiteSpeed QUIC before 4.2.0 allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs. This is caused by...