CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 6 days ago•34 views

CVE-2026-44892

CVE-2026-44892 affects Netty’s HTTP/3 codec. Before 4.2.15.Final, Http3ConnectionHandler defaults allow an unbounded maximum header size when HTTP3_SETTINGS_MAX_FIELD_SECTION_SIZE isn’t specified, enabling a malicious peer to flood headers and cause memory exhaustion (OutOfMemoryError) with netwo...

7.5CVSS5.4AI score0.00488EPSS

Exploits0References2Affected Software1

Positive Technologies•added 6 days ago•8 views

PT-2026-48925

Summary The HTTPDecoder in NIOHTTP1 enforces no limit on the total size of an HTTP/1 message's header block or on the number of header fields per message. A remote peer can submit an arbitrary number of small, valid headers in a single request and have them all accumulated into the resulting...

8.7CVSS5.8AI score0.00048EPSS

GitLab Advisory Database•added 6 days ago•5 views

SwiftNIO NIOHTTP1: HTTPDecoder accepts unbounded HTTP/1 header blocks, enabling remote DoS

The HTTPDecoder in NIOHTTP1 enforces no limit on the total size of an HTTP/1 message's header block or on the number of header fields per message. A remote peer can submit an arbitrary number of small, valid headers in a single request and have them all accumulated into the resulting HTTPHeaders...

5.6AI score0.00048EPSS

Exploits0References3Affected Software1

OSV•added 2026/06/08 7:2 p.m.•6 views

GHSA-C2RX-5R8W-8XR2 Netty has a Vulnerable Default Configuration Which Leads to Denial of Service via Unbounded HTTP/3 Header Size

Summary The default configuration of the Http3ConnectionHandler in the Netty HTTP/3 codec lacks an enforced maximum header size limit. When a peer does not explicitly specify HTTP3SETTINGSMAXFIELDSECTIONSIZE, the implementation defaults to an unbounded limit. This insecure default configuration...

7.5CVSS5.5AI score0.00488EPSS

Positive Technologies•added 2026/06/08 12:0 a.m.•7 views

PT-2026-47563

Summary The default configuration of the Http3ConnectionHandler in the Netty HTTP/3 codec lacks an enforced maximum header size limit. When a peer does not explicitly specify HTTP3 SETTINGS MAX FIELD SECTION SIZE, the implementation defaults to an unbounded limit. This insecure default...

7.5CVSS5.5AI score

OSV•added 2026/06/06 10:16 a.m.•3 views

UBUNTU-CVE-2026-10725

Protocol::HTTP2 versions before 1.13 for Perl is vulnerable to a HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large server memory the "HTTP/2 bomb". The headersdecode method materialises a full key+value copy per indexe...

7.5CVSS5.4AI score0.00431EPSS

Exploits0References7

EUVD•added 2026/06/06 9:14 a.m.•7 views

EUVD-2026-34964

Protocol::HTTP2 versions through 1.12 for Perl is vulnerable to a HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large server memory the "HTTP/2 bomb". The headersdecode method materialises a full key+value copy per index...

5.7AI score0.00431EPSS

CNNVD•added 2026/06/06 12:0 a.m.•3 views

Protocol::HTTP2 安全漏洞

Protocol::HTTP2 is a Ruby protocol library developed by CROX’s individual developers, which implements functions for encoding/decoding HTTP/2 protocols, frame handling, and connection management. Versions of Protocol::HTTP2 prior to 1.12 contained security vulnerabilities. These vulnerabilities...

7.5CVSS5.3AI score0.00431EPSS

UbuntuCve•added 2026/05/13 9:16 p.m.•5 views

CVE-2026-42561

Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.27, python-multipart has a denial of service vulnerability in multipart part header parsing. When parsing multipart/form-data, MultipartParser previously had no limit on the number of part headers or the size of an individu...

Cvelist•added 2026/05/13 8:55 p.m.•32 views

CVE-2026-42561 Python-Multipart: Denial of Service via unbounded multipart part headers

7.5CVSS0.00331EPSS

Exploits0References1

Debian CVE•added 2026/05/13 8:55 p.m.•8 views

CVE-2026-42561

Github Security Blog•added 2026/05/06 9:56 p.m.•18 views

Exploits0

python-multipart has Denial of Service via unbounded multipart part headers

Summary python-multipart has a denial of service vulnerability in multipart part header parsing. When parsing multipart/form-data, MultipartParser previously had no limit on the number of part headers or the size of an individual part header. An attacker could send a request with either many...

Exploits0References3Affected Software1

OSV•added 2026/05/06 9:56 p.m.•3 views

GHSA-PP6C-GR5W-3C5G python-multipart has Denial of Service via unbounded multipart part headers

OSV•added 2026/03/26 6:49 p.m.•3 views

GHSA-W9FJ-CFPG-GRVV Netty HTTP/2 CONTINUATION Frame Flood DoS via Zero-Byte Frame Bypass

Summary A remote user can trigger a Denial of Service DoS against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server's lack of a limit on the number of CONTINUATION frames, combined with a bypass of existing size-based mitigations using zero-byte frames, allows an user to...

8.7CVSS6AI score0.00604EPSS

Ubuntu•added 2026/02/25 8:43 p.m.•5 views

USN-8065-1: Authlib vulnerabilities

Millie Solem discovered that Authlib did not properly restrict algorithm selection during JWT verification, allowing HMAC verification with asymmetric public keys when no algorithm was specified. A remote attacker could possibly use this issue to bypass signature verification and forge tokens,...

8.8CVSS5.7AI score0.00582EPSS

Exploits5

EUVD•added 2026/01/28 7:30 p.m.•4 views

EUVD-2025-206445

The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a large form containi...

7.5CVSS5.9AI score0.00789EPSS