Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

29 matches found

NVD
NVDadded 3 hours ago4 views

CVE-2026-54341

Dragonfly is an in-memory data store built for modern application workloads. Prior to 1.39.0, a crafted RESTORE payload triggers an out-of-bounds read in DragonflyDB's listpack collection loaders, crashing the entire server process SIGSEGV. Because DragonflyDB requires no authentication by defaul...

7.5CVSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 4 hours ago2 views

CVE-2026-54341

Dragonfly is an in-memory data store built for modern application workloads. Prior to 1.39.0, a crafted RESTORE payload triggers an out-of-bounds read in DragonflyDB's listpack collection loaders, crashing the entire server process SIGSEGV. Because DragonflyDB requires no authentication by defaul...

7.5CVSS5.9AI score
Exploits0References3Affected Software1
EUVD
EUVDadded 4 hours ago2 views

EUVD-2026-39811

Dragonfly is an in-memory data store built for modern application workloads. Prior to 1.39.0, a crafted RESTORE payload triggers an out-of-bounds read in DragonflyDB's listpack collection loaders, crashing the entire server process SIGSEGV. Because DragonflyDB requires no authentication by defaul...

7.5CVSS5.9AI score
Exploits0References2
CVE
CVEadded 4 hours ago8 views

CVE-2026-54341

Dragonfly (DragonflyDB) before version 1.39.0 is vulnerable: a crafted RESTORE payload triggers an out-of-bounds read in the listpack collection loaders, crashing the server (SIGSEGV). The issue is exploitable remotely without authentication via a single ~24-byte RESTORE command, enabling unauthe...

7.5CVSS5.9AI score
Exploits0References2
CNNVD
CNNVDadded 2026/01/22 12:0 a.m.6 views

Dragonfly Access Control Vulnerability

Dragonfly is an open-source framework developed by DragonflyDB, capable of dynamically processing any content type. Versions of Dragonfly 2.4.1-rc.0 and earlier contained a access control vulnerability. This vulnerability stemmed from the absence of JWT authentication and RBAC authorization check...

9.8CVSS5.8AI score0.00713EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-12281

Malicious code in bioql PyPI...

5.5CVSS6.5AI score0.00239EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-14851

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00333EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.5 views

EUVD-2025-28478

Malicious code in bioql PyPI...

9.4CVSS6.5AI score0.00347EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/09/17 12:0 a.m.4 views

Dragonfly 安全漏洞

Dragonfly is an open source framework from DragonflyDB that allows dynamic processing of any content type. A security vulnerability exists in Dragonfly versions prior to 2.1.0 that stems from the use of insecure hash functions such as MD5, which could lead to malicious file replacement...

6.9CVSS8.9AI score0.00152EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/06/25 9:54 a.m.8 views

CVE-2025-52935

Integer Overflow or Wraparound vulnerability in dragonflydb dragonfly src/redis/lua/struct modules. This vulnerability is associated with program files luastruct.C. This issue affects dragonfly: 1.30.1, 1.30.0, 1.28.18...

9.4CVSS7.3AI score0.00347EPSS
Exploits0References1
NVD
NVDadded 2025/06/23 10:15 a.m.3 views

CVE-2025-52935

Integer Overflow or Wraparound vulnerability in dragonflydb dragonfly src/redis/lua/struct modules. This vulnerability is associated with program files luastruct.C. This issue affects dragonfly: 1.30.1, 1.30.0, 1.28.18...

9.4CVSS0.00347EPSS
Exploits0References2
OSV
OSVadded 2025/06/23 10:15 a.m.5 views

CVE-2025-52935

Integer Overflow or Wraparound vulnerability in dragonflydb dragonfly src/redis/lua/struct modules. This vulnerability is associated with program files luastruct.C. This issue affects dragonfly: 1.30.1, 1.30.0, 1.28.18...

9.4CVSS7.2AI score
Exploits0References2
Cvelist
Cvelistadded 2025/06/23 9:27 a.m.14 views

CVE-2025-52935 Integer Overflow or Wraparound vulnerability in dragonflydb/dragonfly

Integer Overflow or Wraparound vulnerability in dragonflydb dragonfly src/redis/lua/struct modules. This vulnerability is associated with program files luastruct.C. This issue affects dragonfly: 1.30.1, 1.30.0, 1.28.18...

9.4CVSS0.00347EPSS
Exploits0References2
CVE
CVEadded 2025/06/23 9:27 a.m.24 views

CVE-2025-52935

The CVE-2025-52935 entry concerns an Integer Overflow or Wraparound vulnerability in dragonflydb/dragonfly, specifically in the src/redis/lua/struct modules (lua_struct.C). Affected versions are dragonfly 1.28.18 through 1.30.1. The issue is confirmed across multiple sources (e.g., PT-2025-26585)...

9.4CVSS6.7AI score0.00347EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/06/23 9:27 a.m.3 views

CVE-2025-52935 Integer Overflow or Wraparound vulnerability in dragonflydb/dragonfly

Integer Overflow or Wraparound vulnerability in dragonflydb dragonfly src/redis/lua/struct modules. This vulnerability is associated with program files luastruct.C. This issue affects dragonfly: 1.30.1, 1.30.0, 1.28.18...

9.4CVSS6.6AI score0.00347EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/04/26 5:0 a.m.14 views

CVE-2025-26268

DragonflyDB Dragonfly before 1.27.0 allows authenticated users to cause a denial of service daemon crash via a crafted Redis command. The validity of the scan cursor was not checked...

6.5CVSS6.5AI score0.00333EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/04/26 4:58 a.m.12 views

CVE-2025-26269

DragonflyDB Dragonfly through 1.28.2 fixed in 1.29.0 allows authenticated users to cause a denial of service daemon crash via a Lua library command that references a large negative integer...

5.5CVSS6.7AI score0.00239EPSS
Exploits1References1
NVD
NVDadded 2025/04/17 6:15 p.m.10 views

CVE-2025-26269

DragonflyDB Dragonfly through 1.28.2 fixed in 1.29.0 allows authenticated users to cause a denial of service daemon crash via a Lua library command that references a large negative integer...

5.5CVSS0.00239EPSS
Exploits1References3
OSV
OSVadded 2025/04/17 6:15 p.m.4 views

CVE-2025-26269

DragonflyDB Dragonfly through 1.28.2 fixed in 1.29.0 allows authenticated users to cause a denial of service daemon crash via a Lua library command that references a large negative integer...

5.5CVSS4AI score
Exploits0References3
NVD
NVDadded 2025/04/17 6:15 p.m.13 views

CVE-2025-26268

DragonflyDB Dragonfly before 1.27.0 allows authenticated users to cause a denial of service daemon crash via a crafted Redis command. The validity of the scan cursor was not checked...

6.5CVSS0.00333EPSS
Exploits1References3
Rows per page
Query Builder