Lucene search
+L

209 matches found

NVD
NVD
added 2026/03/20 2:16 a.m.3 views

CVE-2026-32874

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.4.0 through 5.11.0 contain an accumulating memory leak in JSON parsing large outside of the range -2^63, 2^64 - 1 integers. The leaked memory is a copy of the string form of the integer plus a...

7.5CVSS0.00479EPSS
Exploits0References6
OSV
OSV
added 2026/03/20 2:16 a.m.5 views

UBUNTU-CVE-2026-32874

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.4.0 through 5.11.0 contain an accumulating memory leak in JSON parsing large outside of the range -2^63, 2^64 - 1 integers. The leaked memory is a copy of the string form of the integer plus a...

7.5CVSS5.7AI score0.00479EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/03/20 1:31 a.m.5 views

CVE-2026-32874

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.4.0 through 5.11.0 contain an accumulating memory leak in JSON parsing large outside of the range -2^63, 2^64 - 1 integers. The leaked memory is a copy of the string form of the integer plus a...

7.5CVSS5.3AI score0.00479EPSS
Exploits0
Cvelist
Cvelist
added 2026/03/20 1:31 a.m.24 views

CVE-2026-32874 UltraJSON has a Memory Leak parsing large integers allows DoS

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.4.0 through 5.11.0 contain an accumulating memory leak in JSON parsing large outside of the range -2^63, 2^64 - 1 integers. The leaked memory is a copy of the string form of the integer plus a...

7.5CVSS0.00479EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/20 1:31 a.m.2 views

CVE-2026-32874

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.4.0 through 5.11.0 contain an accumulating memory leak in JSON parsing large outside of the range -2^63, 2^64 - 1 integers. The leaked memory is a copy of the string form of the integer plus a...

7.5CVSS5.7AI score0.00479EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/03/20 1:31 a.m.45 views

CVE-2026-32874

UltraJSON (ujson) for Python, C-based fast JSON encoder/decoder, is affected in versions 5.4.0–5.11.0 by a memory-leak in parsing large integers that fall outside [-2^63, 2^64-1]. The leak copies the integer’s string form plus an extra NULL byte and occurs regardless of whether the integer parses...

7.5CVSS5.7AI score0.00479EPSS
Exploits0References6Affected Software1
AlpineLinux
AlpineLinux
added 2026/03/20 1:31 a.m.3 views

CVE-2026-32874

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.4.0 through 5.11.0 contain an accumulating memory leak in JSON parsing large outside of the range -2^63, 2^64 - 1 integers. The leaked memory is a copy of the string form of the integer plus a...

7.5CVSS5.4AI score0.00479EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/03/20 1:31 a.m.4 views

CVE-2026-32874 UltraJSON has a Memory Leak parsing large integers allows DoS

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.4.0 through 5.11.0 contain an accumulating memory leak in JSON parsing large outside of the range -2^63, 2^64 - 1 integers. The leaked memory is a copy of the string form of the integer plus a...

7.5CVSS5.8AI score0.00479EPSS
Exploits0References3
OSV
OSV
added 2026/03/20 1:31 a.m.5 views

CVE-2026-32874 UltraJSON has a Memory Leak parsing large integers allows DoS

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.4.0 through 5.11.0 contain an accumulating memory leak in JSON parsing large outside of the range -2^63, 2^64 - 1 integers. The leaked memory is a copy of the string form of the integer plus a...

7.5CVSS5.8AI score0.00479EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2026/03/20 12:0 a.m.6 views

CVE-2026-32874

UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.4.0 through 5.11.0 contain an accumulating memory leak in JSON parsing large outside of the range -2^63, 2^64 - 1 integers. The leaked memory is a copy of the string form of the integer plus a...

7.5CVSS5.7AI score0.00479EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.8 views

UltraJSON 安全漏洞

UltraJSON is an open-source, ultra-fast JSON encoder and decoder written in pure C language, and compatible with Python 3.7+. Versions of UltraJSON 5.11.0 and earlier contained a security vulnerability caused by a memory leak during the parsing of large integers, which could lead to a...

7.5CVSS5.8AI score0.00479EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/20 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-32874

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.4.0 through 5.11.0 contain an accumulating memory leak ...

7.5CVSS5.7AI score0.00479EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/18 1:1 p.m.5 views

Missing Release of Memory after Effective Lifetime

Overview ujson is an Ultra fast JSON encoder and decoder for Python Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime in the ujson.load, ujson.loads, or ujson.decode functions when parsing large integers outside the range -2^63, 2^64 - 1. An...

8.7CVSS5.8AI score0.00479EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/18 1:1 p.m.10 views

UltraJSON has a Memory Leak parsing large integers allows DoS

Summary ujson 5.4.0 to 5.11.0 inclusive contain an accumulating memory leak in JSON parsing large outside of the range -2^63, 2^64 - 1 integers. Exploitability Any service that calls ujson.load/ujson.loads/ujson.decode on untrusted inputs is affected and vulnerable to denial of service attacks...

7.5CVSS5.8AI score0.00479EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/03/18 1:1 p.m.11 views

GHSA-WGVC-GHV9-3PMM UltraJSON has a Memory Leak parsing large integers allows DoS

Summary ujson 5.4.0 to 5.11.0 inclusive contain an accumulating memory leak in JSON parsing large outside of the range -2^63, 2^64 - 1 integers. Exploitability Any service that calls ujson.load/ujson.loads/ujson.decode on untrusted inputs is affected and vulnerable to denial of service attacks...

7.5CVSS5.8AI score0.00479EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/17 12:0 a.m.6 views

PT-2026-26092

Name of the Vulnerable Software and Affected Versions UltraJSON versions 5.4.0 through 5.11.0 Description UltraJSON, a fast JSON encoder and decoder written in C with Python 3.7+ bindings, contains an accumulating memory leak when parsing large integers outside the range -2^63, 2^64 - 1 within JS...

7.8CVSS5.9AI score0.00479EPSS
Exploits0References27
CNNVD
CNNVD
added 2026/03/11 12:0 a.m.11 views

NanoMQ 缓冲区错误漏洞

NanoMQ is an open-source IoT edge platform broker developed by EMQ in the United States. Versions of NanoMQ prior to 0.24.6 contain a buffer error vulnerability. This vulnerability stems from the lack of boundary checks during the parsing of variable byte integers in MQTT v5, which can lead to...

7.5CVSS6AI score0.00302EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/02/06 12:0 a.m.8 views

PT-2026-6774

Name of the Vulnerable Software and Affected Versions OpenSTAManager versions 2.9.8 and earlier Description OpenSTAManager contains a critical Error-Based SQL Injection issue within the Scadenzario Payment Schedule module’s bulk operations handler. The application does not properly validate that...

8.7CVSS6.2AI score0.00356EPSS
Exploits4References7
RedhatCVE
RedhatCVE
added 2026/01/09 9:16 a.m.7 views

CVE-2025-14460

The Piraeus Bank WooCommerce Payment Gateway plugin for WordPress is vulnerable to unauthorized order status modification in all versions up to, and including, 3.1.4. This is due to missing authorization checks on the payment callback endpoint handler when processing the 'fail' callback from the...

5.3CVSS5.8AI score0.0036EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.14 views

EUVD-2021-1897

Malware in sbrugna...

7.5CVSS7.5AI score0.01485EPSS
Exploits0References6
Rows per page
Query Builder