Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the rtonextcpu function in the RT scheduler not skipping the currently executing CPU. This allows...

CVE-2026-7307

A flaw was found in Keycloak. A remote, unauthenticated attacker can send a specially crafted XML input to the Security Assertion Markup Language SAML endpoint. This malicious input can cause high CPU usage and worker thread starvation, leading to a Denial of Service DoS where the server becomes...

CVE-2026-8202

CVE-2026-8202 affects MongoDB Server prior to certain fixed versions: v7.0 before 7.0.34, v8.0 before 8.0.23, v8.2 before 8.2.9, and v8.3 before 8.3.2. The issue is a post-authentication CPU DoS caused by using a densely populated characters mask with large input strings in the MongoDB aggregatio...

Exploit for CVE-2026-23869

CVE-2026-23869 - Proof of Concept PoC Description This...

GHSA-M5RV-56XX-HFC6 Mattermost fails to properly handle very long passwords

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to properly handle very long passwords, which allows an attacker to overload the server CPU and memory via executing login attempts with multi-megabyte passwords. Mattermost Advisory ID: MMSA-2026-00587...

CVE-2026-24738

gmrtd is a Go library for reading Machine Readable Travel Documents MRTDs. Prior to version 0.17.2, ReadFile accepts TLVs with lengths that can range up to 4GB, which can cause unconstrained resource consumption in both memory and cpu cycles. ReadFile can consume an extended TLV with lengths well...

CVE-2025-69199

Wings is the server control plane for Pterodactyl, a free, open-source game server management panel. Prior to version 1.12.0, websockets within wings lack proper rate limiting and throttling. As a result a malicious user can open a large number of connections and then request data through these...

CVE-2025-61725 Excessive CPU consumption in ParseAddress in net/mail

The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption...

EUVD-2016-7948

Malware in sbrugna...

EUVD-2020-13000

Malware in sbrugna...

EUVD-2020-13035

Malware in sbrugna...

EUVD-2019-18887

Malware in sbrugna...

EUVD-2015-9096

Malware in sbrugna...

EUVD-2020-13004

Malware in sbrugna...

EUVD-2020-13017

Malware in sbrugna...

EUVD-2025-7047

Malicious code in bioql PyPI...

EUVD-2024-1025

Malicious code in bioql PyPI...

EUVD-2024-21278

Malicious code in bioql PyPI...

PT-2025-32158 · Hugging Face · Huggingface/Transformers

Name of the Vulnerable Software and Affected Versions: Hugging Face Transformers versions up to 4.51.3 Description: A Regular Expression Denial of Service ReDoS vulnerability exists in the convert tf weight name to pt weight name function of the Hugging Face Transformers library. This function,...

Denial Of Service (DoS)

resolv library is vulnerable to Denial Of Service DoS. The vulnerability is due to insufficient validation of the length of a decompressed domain name in a DNS packet, which allows an attacker to craft a maliciously compressed DNS packet that consumes excessive CPU during name decompression...