
8 matches found

EUVD
added last week | 6 views

EUVD-2026-36152

libp2p is a JavaScript implementation of the libp2p networking stack. Prior to version 15.0.23, three cooperating omissions in @libp2p/gossipsub allow a single unauthenticated peer to exhaust the Node.js heap of any gossipsub node running with default options. This issue has been patched in version 15.0.23...

CVSS 7.5 | AI score 5.3 | EPSS 0.00263
Exploits: 0 | References: 1

Snyk
added 2026/05/21 9:38 p.m. | 7 views

Missing Release of Memory after Effective Lifetime

Overview: @libp2p/gossipsub is a TypeScript implementation of gossipsub. Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime through unbounded growth of the topics data structure when processing subscription requests. An attacker can exhaust...

CVSS 8.7 | AI score 5.8 | EPSS 0.00263
Exploits: 0 | References: 2

vulnersOsv
added 2026/03/30 1:4 p.m. | 2 views

blake-streams (=0.1.0), fuel-p2p (>=0.4.0 <=0.5.0) +9 more potentially affected by CVE-2026-34219 via libp2p-gossipsub (>=0.28.0 <=0.35.0)

libp2p-gossipsub CARGO version =0.28.0, =0.4.0, =0.20.0, =0.36.0, =0.16.0, =0.1.0, =0.1.1, =0.2.0, =0.39.1, =0.39.3 Source cves: CVE-2026-34219 Source advisory: OSV:GHSA-XQMP-FXGV-XVQ5...

CVSS 8.2 | AI score 5.4 | EPSS 0.00332
Exploits: 1

vulnersOsv
added 2026/03/18 7:54 p.m. | 2 views

blake-streams (=0.1.0), fuel-p2p (>=0.4.0 <=0.5.0) +9 more potentially affected by CVE-2026-33040 via libp2p-gossipsub (>=0.28.0 <=0.35.0)

libp2p-gossipsub CARGO version =0.28.0, =0.4.0, =0.20.0, =0.36.0, =0.16.0, =0.1.0, =0.1.1, =0.2.0, =0.39.1, =0.39.3 Source cves: CVE-2026-33040 Source advisory: OSV:GHSA-GC42-3JG7-RXR2...

CVSS 8.7 | AI score 5.4 | EPSS 0.00473
Exploits: 0

RedhatCVE
added 2026/01/09 9:55 a.m. | 6 views

CVE-2020-12821

Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack...

CVSS 9.8 | AI score 7 | EPSS 0.01937
Exploits: 1 | References: 1

OSV
added 2022/12/19 9:15 a.m. | 1 views

CVE-2022-47547

GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score and thus not be pruned from the network even though it continuously misbehaves by never forwarding topic messages...

CVSS 5.3 | AI score 5.8 | EPSS 0.0053
Exploits: 1 | References: 1

Vulnrichment
added 2022/12/19 12:0 a.m. | 3 views

CVE-2022-47547

GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score and thus not be pruned from the network even though it continuously misbehaves by never forwarding topic messages...

AI score 5.3 | EPSS 0.0053
Exploits: 1 | References: 1

CNVD
added 2020/07/08 12:0 a.m. | 7 views

Unspecified Vulnerability in Gossipsub

Gossipsub is a scalable benchmark pubsub protocol based on randomized topic grids and Gossip. A security vulnerability exists in Gossipsub version 1.0, which stems from the program's failure to implement relevant security protections against invalid spam messages. An attacker can exploit this...

CVSS 9.8 | AI score 6.8 | EPSS 0.01937
Exploits: 1 | References: 1