Lucene search
+L

778 matches found

RedhatCVE
RedhatCVE
added 2026/07/07 2:39 p.m.8 views

CVE-2026-14742

A flaw was found in langgraph. A remote attacker could exploit this vulnerability by manipulating the defaultcachekey argument within the freeze function of the Task Result Cache component. This manipulation leads to the use of a weak hash, which may result in limited information disclosure...

3.1CVSS5.7AI score0.0016EPSS
Exploits0References10
NVD
NVD
added 2026/07/05 11:16 a.m.10 views

CVE-2026-14742

A vulnerability was determined in langchain-ai langgraph up to 1.2.4. The affected element is the function freeze of the file libs/langgraph/langgraph/internal/cache.py of the component Task Result Cache. This manipulation of the argument defaultcachekey causes use of weak hash. The attack is...

3.1CVSS0.0016EPSS
Exploits0References7
EUVD
EUVD
added 2026/07/05 10:45 a.m.8 views

EUVD-2026-41747

A vulnerability was determined in langchain-ai langgraph up to 1.2.4. The affected element is the function freeze of the file libs/langgraph/langgraph/internal/cache.py of the component Task Result Cache. This manipulation of the argument defaultcachekey causes use of weak hash. The attack is...

3.1CVSS5AI score0.0016EPSS
Exploits0References7
CVE
CVE
added 2026/07/05 10:45 a.m.31 views

CVE-2026-14742

The CVE affects langchain-ai langgraph up to 1.2.4. The vulnerability lies in the function _freeze in libs/langgraph/langgraph/_internal/_cache.py (Task Result Cache). Manipulating the argument default_cache_key causes use of a weak hash, enabling a possible remote attack. Exploitation is describ...

3.1CVSS5AI score0.0016EPSS
Exploits0References7
OSV
OSV
added 2026/07/05 10:45 a.m.4 views

CVE-2026-14742 langchain-ai langgraph Task Result Cache _cache.py _freeze weak hash

A vulnerability was determined in langchain-ai langgraph up to 1.2.4. The affected element is the function freeze of the file libs/langgraph/langgraph/internal/cache.py of the component Task Result Cache. This manipulation of the argument defaultcachekey causes use of weak hash. The attack is...

2.3CVSS5AI score0.0016EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/07/05 10:45 a.m.47 views

CVE-2026-14742 langchain-ai langgraph Task Result Cache _cache.py _freeze weak hash

A vulnerability was determined in langchain-ai langgraph up to 1.2.4. The affected element is the function freeze of the file libs/langgraph/langgraph/internal/cache.py of the component Task Result Cache. This manipulation of the argument defaultcachekey causes use of weak hash. The attack is...

3.1CVSS0.0016EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Quota: Fixed a livelock issue between quotactl and freezesuper. When a filesystem is frozen, quotactlblock enters a retry loop, waiting for the filesystem to thaw. It acquires sumount, checks the freeze state, releases sumount, a...

5.5CVSS5.8AI score0.00155EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/23 7:53 p.m.9 views

CVE-2026-55199

A vulnerability in libssh2 allows a malicious SSH server to freeze connected clients during the handshake process. By sending a malformed packet, the server triggers a loop that exhausts the client's CPU, resulting in a denial of service. Mitigation To mitigate this issue, ensure your libssh2...

8.2CVSS5.9AI score0.00408EPSS
Exploits1References6
OSV
OSV
added 2026/06/11 5:16 p.m.8 views

DEBIAN-CVE-2026-44496

Axios is a promise based HTTP client for the browser and Node.js. Axios versions before 0.32.0 on the 0.x line and before 1.16.0 on the 1.x line build a regular expression from the configured XSRF cookie name without escaping regex metacharacters. In standard browser environments, an attacker who...

7.5CVSS5.3AI score0.00622EPSS
Exploits1References1
NVD
NVD
added 2026/06/11 5:16 p.m.18 views

CVE-2026-44496

Axios is a promise based HTTP client for the browser and Node.js. Axios versions before 0.32.0 on the 0.x line and before 1.16.0 on the 1.x line build a regular expression from the configured XSRF cookie name without escaping regex metacharacters. In standard browser environments, an attacker who...

7.5CVSS0.00622EPSS
Exploits1References32
EUVD
EUVD
added 2026/06/11 3:34 p.m.10 views

EUVD-2026-36259

Axios is a promise based HTTP client for the browser and Node.js. Axios versions before 0.32.0 on the 0.x line and before 1.16.0 on the 1.x line build a regular expression from the configured XSRF cookie name without escaping regex metacharacters. In standard browser environments, an attacker who...

7.5CVSS5.5AI score0.00622EPSS
Exploits1References1
OSV
OSV
added 2026/06/10 10:16 p.m.10 views

DEBIAN-CVE-2026-10143

kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker to freeze the client event loop by supplying an excessively large iteration count. In scram.py, ScramClient.processserverfirstmessage...

8.7CVSS5.5AI score0.00517EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/10 8:22 p.m.7 views

Unchecked Input for Loop Condition

Overview kafka-python is a Pure Python client for Apache Kafka Affected versions of this package are vulnerable to Unchecked Input for Loop Condition in the SCRAM authentication handling. An attacker can cause the client's event loop to freeze by supplying an excessively large iteration count...

8.7CVSS5.5AI score0.00517EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.24 views

kafka-python 资源管理错误漏洞

Kafka-Python is a distributed stream processing engine client library written entirely in Python by Dana Powers. Versions of Kafka-Python prior to 2.3.2 contained a resource management vulnerability. This vulnerability stemmed from the lack of verification of the iteration count during SCRAM...

8.7CVSS5.3AI score0.00517EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.11 views

CVE-2026-5938

Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service...

5.5CVSS5.5AI score0.00103EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/03 4:19 p.m.16 views

EUVD-2026-34138

In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapters on Power systems do not support segmentation offload when the MSS is less than 224 bytes. Attempting to send such packets causes the adapter to freeze, stoppi...

5.6AI score0.00389EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ibmveth driver not disabling GSO for data packets with an MSS of less than 224 bytes. This...

8.6CVSS5.3AI score0.00389EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-45895

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - quota: fix livelock between quotactl and freezesuper When a filesystem is frozen, quotactlblock enters a retry loop waiting for the filesystem to thaw. It...

5.5CVSS6.2AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:56 a.m.10 views

SUSE CVE-2026-45895

In the Linux kernel, the following vulnerability has been resolved: quota: fix livelock between quotactl and freezesuper When a filesystem is frozen, quotactlblock enters a retry loop waiting for the filesystem to thaw. It acquires sumount, checks the freeze state, drops sumount and uses...

5.8AI score0.00155EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 3:1 a.m.18 views

CVE-2026-45895

A flaw was found in the Linux kernel. A local attacker could exploit a livelock condition between the quotactl and freezesuper operations. This occurs when a filesystem is frozen and the quotactlblock function enters a retry loop, preventing the system from reaching an RCU Read-Copy Update...

5.5CVSS5.8AI score0.00155EPSS
Exploits0References4
Rows per page
Query Builder