CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

266 matches found

Debian CVE•added 2026/01/12 6:18 p.m.•6 views

CVE-2026-22776

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.1, a Denial of Service DoS vulnerability exists in cpp-httplib due to the unsafe handling of compressed HTTP request bodies Content-Encoding: gzip, br, etc.. The library validates the...

8.7CVSS5.3AI score0.00124EPSS

Exploits1

EUVD•added 2026/01/05 11:13 p.m.•2 views

EUVD-2026-1042

AIOHTTP Vulnerable to Cookie Parser Warning Storm...

6.9CVSS6.1AI score0.00011EPSS

Exploits0References4

EUVD•added 2026/01/05 11:13 p.m.•3 views

EUVD-2026-1043

AIOHTTP vulnerable to DoS through chunked messages...

8.7CVSS6.1AI score0.00042EPSS

Exploits0References5

Debian CVE•added 2026/01/01 5:54 p.m.•5 views

CVE-2026-21428

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to version 0.30.0, the writeheaders function does not check for CR & LF characters in user supplied headers, allowing untrusted header value to escape header lines. This vulnerability allows attackers to add...

8.7CVSS5.3AI score0.00018EPSS

Exploits1

OSV•added 2025/12/30 12:16 p.m.•2 views

OESA-2025-2857 cpp-httplib security update

A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include httplib.h file in your code! Security Fixes: cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows attacker-controlled...

10CVSS7AI score0.00052EPSS

Exploits2References3

Fedora•added 2025/12/23 12:51 a.m.•6 views

[SECURITY] Fedora 43 Update: mingw-libsoup-2.74.3-14.fc43

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...

7.5CVSS6.9AI score0.00082EPSS

Exploits0

Debian•added 2025/12/09 6:0 p.m.•6 views

[SECURITY] [DLA 4398-1] libsoup2.4 security update

Debian LTS Advisory DLA-4398-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson December 09, 2025 https://wiki.debian.org/LTS Package : libsoup2.4 Version : 2.72.0-2+deb11u3 CVE ID : CVE-2025-4476 CVE-2025-4945 CVE-2025-4948 CVE-2025-4969 Debian Bug : 1106325...

7.5CVSS6.7AI score0.00986EPSS

Exploits1

Debian CVE•added 2025/12/05 6:20 p.m.•3 views

CVE-2025-66577

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.27.0, a vulnerability allows attacker-controlled HTTP headers to influence server-visible metadata, logging, and authorization decisions. An attacker can supply X-Forwarded-For or X-Real-IP headers which...

5.3CVSS5.3AI score0.00052EPSS

Exploits1

EUVD•added 2025/12/05 6:20 p.m.•3 views

EUVD-2025-201454

5.3CVSS6.2AI score0.00052EPSS

Exploits1References2

Debian CVE•added 2025/12/05 6:18 p.m.•4 views

CVE-2025-66570

10CVSS7.7AI score0.00031EPSS

Exploits1

Tenable Nessus•added 2025/11/20 12:0 a.m.•3 views

TencentOS Server 4: cpp-httplib (TSSA-2025:0524)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0524 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7.5CVSS5.4AI score0.0065EPSS

Exploits1References2

RedHat Linux•added 2025/11/11 3:7 p.m.•2 views

libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library

A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in...

7.5CVSS5.7AI score0.00082EPSS

Exploits0References5

IBM Security Bulletins•added 2025/10/29 10:41 a.m.•5 views

Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in python3-pip-wheel python3.12-pip python3.12-pip-wheel urllib3

Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in python3-pip-wheel python3.12-pip python3.12-pip-wheel urllib3 Vulnerability Details CVEID:CVE-2025-50182 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python. Starting in version...

6.1CVSS6AI score0.00066EPSS

Exploits0Affected Software1

Fedora•added 2025/10/14 10:22 p.m.•5 views

[SECURITY] Fedora 43 Update: rust-prometheus_exporter-0.8.5-5.fc43

Helper libary to export prometheus metrics using tiny-http...

5.9CVSS7AI score0.00175EPSS

Exploits0

NVD•added 2025/10/10 5:15 p.m.•2 views

CVE-2025-61689

HTTP.jl is an HTTP client and server functionality for the Julia programming language. Prior to version 1.10.19, HTTP.jl did not validate header names/values for illegal characters, allowing CRLF-based header injection and response splitting. This enables HTTP response splitting and header...

9.2CVSS0.00056EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•9 views

EUVD-2021-1440

Malware in sbrugna...

9.1CVSS8.9AI score0.00399EPSS

Exploits1References6

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2021-1461

Malware in sbrugna...

5.3CVSS5.2AI score0.00295EPSS

Exploits1References8