CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/05/13 6:22 p.m.•18 views

CVE-2026-42587

Netty CVE-2026-42587 affects HttpContentDecompressor and DelegatingDecompressorFrameListener. Before 4.2.13.Final and 4.1.133.Final, maxAllocation is enforced for gzip/deflate but ignored for br, zstd, or snappy, allowing an attacker to bypass the decompression limit via Content-Encoding: br and ...

7.5CVSS5.9AI score0.00018EPSS

Debian CVE•added 2026/05/13 6:22 p.m.•4 views

CVE-2026-42587

7.5CVSS5.9AI score0.00018EPSS

CVE•added 2026/05/13 6:12 p.m.•6 views

CVE-2026-42585

Netty CVE-2026-42585 affects Netty prior to versions 4.2.13.Final and 4.1.133.Final, where improper parsing of malformed Transfer-Encoding can enable HTTP request smuggling. Public advisories and OSV entries confirm the issue and that fixes are available in 4.2.13.Final and 4.1.133.Final. Affecte...

7.5CVSS5.8AI score0.00012EPSS

Vulnrichment•added 2026/05/13 6:12 p.m.•3 views

CVE-2026-42585 Netty: HTTP Request Smuggling due to malformed Transfer-Encoding

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty incorrectly parses malformed Transfer-Encoding, enabling request smuggling attacks. This vulnerability is fixed in 4.2.13.Final and 4.1.133.Final...

6.5CVSS5.8AI score0.00012EPSS

Debian CVE•added 2026/05/13 6:12 p.m.•3 views

CVE-2026-42585

7.5CVSS5.8AI score0.00012EPSS

Cvelist•added 2026/05/13 6:12 p.m.•26 views

CVE-2026-42585 Netty: HTTP Request Smuggling due to malformed Transfer-Encoding

6.5CVSS0.00012EPSS

Debian CVE•added 2026/05/13 6:1 p.m.•8 views

CVE-2026-42579

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's DNS codec does not enforce RFC 1035 domain name constraints during either encoding or decoding. This creates a bidirectional attack surface: malicious DNS responses can exploit t...

9.1CVSS5.8AI score0.00032EPSS

CVE•added 2026/05/13 6:1 p.m.•6 views

CVE-2026-42579

Summary: CVE-2026-42579 affects the Netty framework’s DNS codec. Affected versions: prior to 4.2.13.Final and 4.1.133.Final. Root cause: DNS encoding/decoding did not enforce RFC 1035 domain name constraints. Impact: potential bidirectional attack surface via malicious DNS responses (decoder) or ...

9.1CVSS5.8AI score0.00032EPSS

CVE•added 2026/05/13 5:54 p.m.•8 views

CVE-2026-42581

Netty vulnerability CVE-2026-42581 affects Netty in HTTP handling. Before 4.2.13.Final and 4.1.133.Final, HttpObjectDecoder does not clear a conflicting Content-Length header when a request carries both Transfer-Encoding: chunked and Content-Length for HTTP/1.1; HTTP/1.0 requests lack this guard....

9.8CVSS5.8AI score0.00017EPSS

Debian CVE•added 2026/05/13 5:54 p.m.•9 views

CVE-2026-42581

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpObjectDecoder strips a conflicting Content-Length header when a request carries both Transfer-Encoding: chunked and Content-Length, but only for HTTP/1.1 messages. The guard is absen...

9.8CVSS5.8AI score0.00017EPSS

Cvelist•added 2026/05/13 5:54 p.m.•19 views

CVE-2026-42581 Netty: HTTP/1.0 TE+CL Coexistence Bypasses Smuggling Sanitization

5.8CVSS0.00017EPSS

Vulnrichment•added 2026/05/13 5:54 p.m.•9 views

CVE-2026-42581 Netty: HTTP/1.0 TE+CL Coexistence Bypasses Smuggling Sanitization

5.8CVSS5.8AI score0.00017EPSS

OSV•added 2026/05/13 3:50 p.m.•3 views

CLSA-2026-1778687453 Fix CVE(s): CVE-2026-6735

SECURITY UPDATE: XSS in PHP-FPM status endpoint - debian/patches/CVE-2026-6735.patch: HTML-encode proc.requesturi and tighten querystring entity flags in sapi/fpm/fpm/fpmstatus.c. - CVE-2026-6735...

8.8CVSS5.8AI score0.00058EPSS

CVE•added 2026/05/13 1:36 p.m.•13 views

CVE-2026-39806

The CVE-2026-39806 issue affects Bandit (Elixir.Bandit.HTTP1.Socket) where do_read_chunked_data!/5 loops indefinitely when a chunked request includes trailer fields. The root cause is that RFC 9112 §7.1.2 allows trailers after the 0-length chunk, but the code exits only when the next line is imme...

8.7CVSS5.8AI score0.01063EPSS

Exploits1References4Affected Software1

Cvelist•added 2026/05/13 1:36 p.m.•32 views

CVE-2026-39806 HTTP/1 chunked decoder infinite loop on requests with trailer fields in bandit

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in mtrudel bandit allows unauthenticated remote denial of service via worker process exhaustion. 'Elixir.Bandit.HTTP1.Socket':doreadchunkeddata!/5 in lib/bandit/http1/socket.ex terminates only when the last-chunk line 0\r\n is...

8.7CVSS0.01063EPSS

Exploits1References4

ATTACKERKB•added 2026/05/13 1:36 p.m.•2 views

CVE-2026-39806

8.7CVSS5.8AI score0.01063EPSS

Exploits1References5Affected Software1

CVE•added 2026/05/13 1:36 p.m.•14 views

CVE-2026-39803

CVE-2026-39803 – Bandit (Elixir) memory exhaustion via chunked HTTP/1 bodies. The issue occurs in the chunked path of Elixir.Bandit.HTTP1.Socket.read_data/2 where the caller-supplied length is ignored; every received chunk is buffered into an iolist and the entire body is materialized as a single...

8.7CVSS5.8AI score0.01413EPSS

Exploits1References4Affected Software1

OSV•added 2026/05/13 11:8 a.m.•7 views

CLSA-2026-1778670534 php: Fix of CVE-2026-6735

CVE-2026-6735: HTML-encode proc.requesturi and tighten querystring entity flags in sapi/fpm/fpm/fpmstatus.c to fix XSS in PHP-FPM status endpoint...

8.8CVSS5.8AI score0.00058EPSS