Lucene search
+L

1331 matches found

attackerkb
attackerkb
added 2026/05/12 7:58 p.m.8 views

CVE-2026-44223

vLLM is an inference and serving engine for large language models LLMs. From 0.18.0 to before 0.20.0, the extracthiddenstates speculative decoding proposer in vLLM returns a tensor with an incorrect shape after the first decode step, causing a RuntimeError that crashes the EngineCore process. The...

6.5CVSS5.9AI score0.00367EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2026/05/12 7:58 p.m.43 views

CVE-2026-44223 vLLM: extract_hidden_states speculative decoding crashes server on any request with penalty parameters

vLLM is an inference and serving engine for large language models LLMs. From 0.18.0 to before 0.20.0, the extracthiddenstates speculative decoding proposer in vLLM returns a tensor with an incorrect shape after the first decode step, causing a RuntimeError that crashes the EngineCore process. The...

6.5CVSS0.00367EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/05/12 7:58 p.m.8 views

CVE-2026-44223 vLLM: extract_hidden_states speculative decoding crashes server on any request with penalty parameters

vLLM is an inference and serving engine for large language models LLMs. From 0.18.0 to before 0.20.0, the extracthiddenstates speculative decoding proposer in vLLM returns a tensor with an incorrect shape after the first decode step, causing a RuntimeError that crashes the EngineCore process. The...

6.5CVSS5.9AI score0.00367EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/12 12:0 a.m.11 views

vLLM 安全漏洞

vLLM is an open-source LLM-based inference and service engine that features high throughput and efficient memory usage. Versions of vLLM prior to 0.20.0 contained a security vulnerability. This vulnerability stemmed from the extracthiddenstates speculative decoding proposal, which returned tensor...

6.5CVSS5.8AI score0.00367EPSS
Exploits0References1
euvd
euvd
added 2026/05/11 6:31 p.m.13 views

EUVD-2026-29156

A buffer overflow in dnsmasq’s extractaddresses function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extractname to advance the pointer past the record’s end...

6AI score0.00933EPSS
Exploits1References3
euvd
euvd
added 2026/05/11 6:31 p.m.18 views

EUVD-2026-29091

dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS...

5.9AI score0.00754EPSS
Exploits1References4
osv
osv
added 2026/05/11 6:16 p.m.12 views

ALPINE-CVE-2026-5172

A buffer overflow in dnsmasq’s extractaddresses function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extractname to advance the pointer past the record’s end...

7.3CVSS6AI score0.00933EPSS
Exploits1References1
nvd
nvd
added 2026/05/11 6:16 p.m.29 views

CVE-2026-5172

A buffer overflow in dnsmasq’s extractaddresses function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extractname to advance the pointer past the record’s end...

7.5CVSS0.00933EPSS
Exploits1References10
cve
cve
added 2026/05/11 4:48 p.m.39 views

CVE-2026-5172

dnsmasq has a CVE-2026-5172 vulnerability: a buffer overflow in extract_addresses() can cause a heap out-of-bounds read and crash when processing a malformed DNS response. Exploitation is network-based (no user interaction). Remediation in the public advisories includes upgrading dnsmasq to a fix...

7.5CVSS6AI score0.00933EPSS
Exploits1References10
vulnrichment
vulnrichment
added 2026/05/11 4:48 p.m.8 views

CVE-2026-5172 CVE-2026-5172

A buffer overflow in dnsmasq’s extractaddresses function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extractname to advance the pointer past the record’s end...

6AI score0.00933EPSS
Exploits1References6
debiancve
debiancve
added 2026/05/11 4:48 p.m.15 views

CVE-2026-5172

A buffer overflow in dnsmasq’s extractaddresses function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extractname to advance the pointer past the record’s end...

7.5CVSS6AI score0.00933EPSS
Exploits1
cvelist
cvelist
added 2026/05/11 4:48 p.m.42 views

CVE-2026-5172 CVE-2026-5172

A buffer overflow in dnsmasq’s extractaddresses function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extractname to advance the pointer past the record’s end...

0.00933EPSS
Exploits1References6
debiancve
debiancve
added 2026/05/11 4:47 p.m.14 views

CVE-2026-2291

dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS...

7.3CVSS5.9AI score0.00754EPSS
Exploits1
vulnrichment
vulnrichment
added 2026/05/11 4:47 p.m.5 views

CVE-2026-2291 CVE-2026-2291

dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS...

5.9AI score0.00754EPSS
Exploits1References7
attackerkb
attackerkb
added 2026/05/11 4:47 p.m.7 views

CVE-2026-2291

dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS...

7.3CVSS5.9AI score0.00754EPSS
Exploits1References9
alpinelinux
alpinelinux
added 2026/05/11 4:47 p.m.9 views

CVE-2026-2291

dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS...

7.3CVSS5.9AI score0.00754EPSS
Exploits1
ubuntucve
ubuntucve
added 2026/05/11 12:0 p.m.12 views

CVE-2026-2291

dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS...

7.3CVSS5.8AI score0.00754EPSS
Exploits1References2
osv
osv
added 2026/05/11 8:25 a.m.9 views

CLSA-2026-1778487942 Fix CVE(s): CVE-2026-25576

SECURITY UPDATE: fix heap buffer over-read in raw pixel coders when -extract dimensions exceed -size dimensions - debian/patches/CVE-2026-25576.patch: fix heap buffer over-read in raw pixel coders when -extract dimensions exceed -size dimensions - CVE-2026-25576...

5.5CVSS7.3AI score0.00181EPSS
Exploits0References1
osv
osv
added 2026/05/11 8:24 a.m.8 views

CLSA-2026-1778487863 Fix CVE(s): CVE-2026-25576

SECURITY UPDATE: fix heap buffer over-read in raw pixel coders when -extract dimensions exceed -size dimensions - debian/patches/CVE-2026-25576.patch: fix heap buffer over-read in raw pixel coders when -extract dimensions exceed -size dimensions - CVE-2026-25576...

5.5CVSS7.3AI score0.00181EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/11 12:0 a.m.14 views

DNSmasq 安全漏洞

DNSmasq is a DNS configuration tool developed by Simon Kelley. DNSmasq has a security vulnerability, which stems from the extractname function being exploitable, leading to a heap buffer overflow. This allows attackers to inject fake DNS cache entries, potentially redirecting DNS queries to...

7.3CVSS6.1AI score0.00754EPSS
Exploits1References1
Rows per page
Query Builder