Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-44577

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Next.js is a React framework for building full-stack web applications. From 10.0.0 to before 15.5.16 and 16.2.5, when self-hosting Next.js with the default imag...

5.9CVSS5.8AI score0.00657EPSS
Exploits1References2
NVD
NVD
added 2026/05/13 5:16 p.m.13 views

CVE-2026-44577

Next.js is a React framework for building full-stack web applications. From 10.0.0 to before 15.5.16 and 16.2.5, when self-hosting Next.js with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size limit. An attacker could...

7.5CVSS0.00657EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2026/05/13 5:0 p.m.11 views

CVE-2026-44577 Next.js: Denial of Service in the Image Optimization API

Next.js is a React framework for building full-stack web applications. From 10.0.0 to before 15.5.16 and 16.2.5, when self-hosting Next.js with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size limit. An attacker could...

5.9CVSS5.8AI score0.00657EPSS
Exploits1References1
Chainguard
Chainguard
added 2026/05/13 1:17 a.m.24 views

CVE-2026-44577 vulnerabilities

Vulnerabilities for packages: keep...

7.5CVSS5.8AI score0.00657EPSS
Exploits1
Circl
Circl
added 2026/05/11 6:42 a.m.31 views

CVE-2026-44577

creationtimestamp| type| source ---|---|--- 2026-05-11 06:42:58+00:00| published-proof-of-concept| https://t.me/htfgtps/1107 2026-07-09 03:00:04+00:00| seen| https://t.me/brutsecurity/2701 2026-07-10 00:00:12+00:00| seen| https://t.me/brutsecurity/2701...

7.5CVSS7.1AI score0.00657EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.26 views

PT-2026-39412

Name of the Vulnerable Software and Affected Versions Next.js versions 13.0.0 through 15.5.15 Next.js versions 16.0.0 through 16.2.4 Description Applications using beforeInteractive scripts combined with untrusted content are susceptible to cross-site scripting XSS, a flaw where malicious scripts...

6.4CVSS5.8AI score0.00205EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.29 views

PT-2026-39411

Name of the Vulnerable Software and Affected Versions Next.js versions prior to 15.5.16 Next.js versions prior to 16.2.5 Description Applications utilizing Partial Prerendering via the Cache Components feature are susceptible to connection exhaustion. A crafted POST request to a server action can...

7.8CVSS5.5AI score0.00509EPSS
Exploits1References19
Rows per page
Query Builder