CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Fedora•added 2026/05/31 1:14 a.m.•15 views

[SECURITY] Fedora 43 Update: python-urllib3-2.7.0-2.fc43

urllib3 is a powerful, user-friendly HTTP client for Python. urllib3 brings many critical features that are missing from the Python standard libraries: =E2=80=A2 Thread safety. =E2=80=A2 Connection pooling. =E2=80=A2 Client-side SSL/TLS verification. =E2=80=A2 File uploads with multipart encoding...

5.8AI score

Exploits0

Packet Storm News•added 2026/05/31 12:0 a.m.•5 views

On the Evaluation of Spiking Neural Network Configurations for Network Intrusion Detection

Network intrusion detection is a core component of modern cybersecurity infrastructure, yet the deep learning models that dominate the field are computationally demanding, motivating interest in lightweight alternatives suited to edge and neuromorphic deployment. Spiking Neural Networks SNNs are...

5.8AI score

Exploits0

RedhatCVE•added 2026/05/30 8:13 a.m.•9 views

CVE-2026-32847

DeepCode through commit c991dc2 contains a path traversal vulnerability in the SPA catch-all route in newui/backend/main.py that allows unauthenticated attackers to read arbitrary files by supplying percent-encoded path segments to the GET /fullpath:path endpoint. Attackers can bypass Starlette's...

8.7CVSS5.9AI score0.00078EPSS

Packet Storm News•added 2026/05/30 12:0 a.m.•9 views

Quality-Diversity Evolution for Discovering Diverse Vulnerabilities in LLM Safety

Current approaches to LLM adversarial testing suffer from coverage gaps: manual red-teaming does not scale, LLM-as-attacker methods exhibit mode collapse, and gradient-based approaches produce uninterpretable gibberish. We introduce a quality-diversity evolutionary framework that operates at the...

5.8AI score

Exploits0

Snyk•added 2026/05/29 9:15 p.m.•6 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper validation of the chunk-size field in chunked Transfer-Encoding within the ChunkedDecoder::readpayload function. An attacker can cause unbounded memory allocation and...

7.5CVSS5.8AI score0.00128EPSS

Exploits1References2

NVD•added 2026/05/29 8:16 p.m.•10 views

CVE-2026-45352

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.43.4, negative chunk-size in chunked Transfer-Encoding causes unbounded memory allocation and process crash. The ChunkedDecoder::readpayload function in cpp-httplib httplib.h parses the chunk-size field o...

7.5CVSS0.00128EPSS

OSV•added 2026/05/29 8:16 p.m.•6 views

DEBIAN-CVE-2026-45352

OSV•added 2026/05/29 8:16 p.m.•4 views

UBUNTU-CVE-2026-45352

AlpineLinux•added 2026/05/29 7:44 p.m.•8 views

Exploits1References3

CVE-2026-45700

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's planar bitmap decoder has an out-of-bounds heap write when decoding RLE planar data. In libfreerdp/codec/planar.c, freerdpbitmapdecompressplanar validates the X destination coordinate nXDst against the...

9.8CVSS5.9AI score0.00021EPSS

Vulnrichment•added 2026/05/29 7:44 p.m.•5 views

CVE-2026-45700 Heap-buffer-overflow write in planar bitmap decoder

7.7CVSS5.9AI score0.00021EPSS

Debian CVE•added 2026/05/29 7:14 p.m.•9 views

CVE-2026-45352

Vulnrichment•added 2026/05/29 7:14 p.m.•5 views

Exploits1

CVE-2026-45352 cpp-httplib DoS: Negative chunk-size in chunked Transfer-Encoding

5.3CVSS5.7AI score0.00128EPSS

CVE•added 2026/05/29 7:14 p.m.•20 views

CVE-2026-45352

The CVE-2026-45352 issue affects cpp-httplib (header-only HTTP/HTTPS library). Before version 0.43.4, the ChunkedDecoder::read_payload routine parses the chunk-size in chunked Transfer-Encoding with std::strtoul(), which can silently accept a minus sign. This allows negative chunk sizes (e.g., "-...

Exploits1References1Affected Software1

ATTACKERKB•added 2026/05/29 7:14 p.m.•8 views

CVE-2026-45352

5.3CVSS5.7AI score0.00128EPSS

Exploits1References2Affected Software1

Cvelist•added 2026/05/29 7:14 p.m.•38 views

CVE-2026-45352 cpp-httplib DoS: Negative chunk-size in chunked Transfer-Encoding

5.3CVSS0.00128EPSS

RedhatCVE•added 2026/05/29 6:39 p.m.•16 views

CVE-2026-7259

A flaw was found in PHP. When an attacker input can influence the encoding passed to mbregexencoding and the application subsequently uses mbregex search APIs, a NULL pointer dereference can occur due to a mismatch between the Oniguruma and mbfl encoding support. This issue can cause a crash in t...

6.5CVSS5.8AI score0.00084EPSS

Exploits0References4

Snyk•added 2026/05/29 3:19 p.m.•7 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the INTEGERdecodeoer function. An attacker can cause a denial of service or trigger incorrect integer interpretation in downstream applications by submitting a maliciously crafted, zero-length OER payload for a...

8.8CVSS5.8AI score0.00071EPSS

RedhatCVE•added 2026/05/29 2:21 p.m.•7 views

CVE-2026-44378

A flaw was found in Botan, a C++ cryptography library. A remote attacker could exploit this vulnerability by sending specially crafted Basic Encoding Rules BER data with indefinite length encodings. This could cause quadratic behavior in the parser, leading to a denial of service DoS due to...

7.5CVSS5.8AI score0.00055EPSS

OSV•added 2026/05/29 1:34 p.m.•6 views

OESA-2026-2491 libvncserver security update

libvncserver is a set of programs using the RFB Remote Frame Buffer protocol. They are designed to "export" a frame buffer via net: you set up a server and can connect to it via VNC viewers. If the server supports WebSockets which LibVNCServer does, you can also connect using an in-browser VNC...

8.8CVSS5.9AI score0.00042EPSS