636 matches found

EUVD
added 5 hours ago | 3 views

EUVD-2026-38901

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Take state lock for af_unix iter. When a BPF iterator program updates a sockmap, there is a race condition in unix_stream_bpf_update_proto where the peer pointer can become stale during a state transition TCP_ESTABLISHED ...

5.7 AI score
Exploits: 0 | References: 7
CVE
added 16 hours ago | 4 views

CVE-2026-52921

In the Linux kernel netfilter ipset code, a vulnerability was fixed where iterating IPv4 ranges with a 32-bit iterator could advance past the end of the requested range. This affects the following hash set variants: hash:ip,mark; hash:ip,port; hash:ip,port,ip; hash:ip,port,net. The underlying iss...

5.7 AI score
Exploits: 0 | References: 8
Debian CVE
added 16 hours ago | 3 views

CVE-2026-52921

In the Linux kernel, the following vulnerability has been resolved: n...

5.6 AI score
Exploits: 0
EUVD
added 16 hours ago | 7 views

EUVD-2026-38724

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: stop hash: range iteration at end. The following hash set variants: hash:ip,mark; hash:ip,port; hash:ip,port,ip; hash:ip,port,net iterate IPv4 ranges with a 32-bit iterator. The iterator must stop once the last...

5.7 AI score
Exploits: 0 | References: 8
NVD
added yesterday | 7 views

CVE-2026-8379

The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly enforce its nonce check on the file download handler, allowing unauthenticated attackers to download files uploaded by any user through the Frontend File Manager Plugin WordPress plugin through 23.6 by iterating...

7.5 CVSS | 0.00137 EPSS
Exploits: 0 | References: 1
AstraLinux
added 5 days ago | 3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: block: Fixed the issue of iterating over an empty bio with bio_for_each_folio_all. If the bio contains no data, bio_first_folio calls page_folio using a NULL pointer, resulting in a buffer overflow error. We’ve moved the test that check...

5.5 CVSS | 5.8 AI score | 0.00227 EPSS
Exploits: 0 | References: 2
AstraLinux
added 5 days ago | 4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Use RCU for hci_conn_params and iterate safely in hci_sync. hci_update_accept_list_sync iterates over hdev->pend_le_conns and hdev->pend_le_reports, and waits for controller events within the loop body, without holding the hdev...

7.8 CVSS | 6.5 AI score | 0.00137 EPSS
Exploits: 0 | References: 2
AstraLinux
added 5 days ago | 4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fixed a race condition involving VMA iteration and mm_struct teardown. The exit_mmap function will tear down the VMAs and the maple tree, provided that the mmap_lock is held in write mode. Ensure that the maple tree remains...

4.7 CVSS | 5.3 AI score | 0.00096 EPSS
Exploits: 0 | References: 2
AstraLinux
added 5 days ago | 3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ntfs: check overflow when iterating ATTR_RECORDs. The kernel iterates over ATTR_RECORDs in mft records in the ntfs_attr_find function. Since ATTR_RECORDs are adjacent to each other, the kernel can access the next ATTR_RECORD from the en...

5.5 CVSS | 6.3 AI score | 0.00177 EPSS
Exploits: 0 | References: 2
AstraLinux
added 5 days ago | 2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fix for the iteration of extrefs during log replay. When calling __inode_add_ref and processing extrefs, if we jump to the next label, the value of victim_name.len is undefined. This occurs because victim_name.len wasn’t...

5.5 CVSS | 6 AI score | 0.00146 EPSS
Exploits: 0 | References: 2
Vulnrichment
added 2026/06/15 2:16 p.m. | 5 views

CVE-2026-10634 Use-after-free in Zephyr native TCP net_tcp_foreach() due to dropping tcp_lock during the callback

Zephyr's native TCP stack iterates the global connection list in net_tcp_foreach() (subsys/net/ip/tcp.c) using the SYS_SLIST_FOR_EACH_CONTAINER_SAFE macro, which caches a pointer to the next list node. Prior to this fix the function released tcp_lock while invoking the per-connection callback and re-acquired...

4.8 CVSS | 5.5 AI score | 0.00162 EPSS
Exploits: 0 | References: 2
Positive Technologies
added 2026/06/15 12:0 a.m. | 9 views

PT-2026-49241

Zephyr's native TCP stack iterates the global connection list in net_tcp_foreach() (subsys/net/ip/tcp.c) using the SYS_SLIST_FOR_EACH_CONTAINER_SAFE macro, which caches a pointer to the next list node. Prior to this fix the function released tcp_lock while invoking the per-connection callback and...

4.8 CVSS | 5.5 AI score | 0.00162 EPSS
Exploits: 0 | References: 3
SUSE CVE
added 2026/06/12 2:32 a.m. | 11 views

SUSE CVE-2026-10143

kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker to freeze the client event loop by supplying an excessively large iteration count. In scram.py, ScramClient.process_server_first_message...

8.7 CVSS | 5.5 AI score | 0.00388 EPSS
Exploits: 0 | References: 3
EUVD
added 2026/06/11 12:32 a.m. | 8 views

EUVD-2026-36128

kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker to freeze the client event loop by supplying an excessively large iteration count. In scram.py, ScramClient.process_server_first_message...

8.7 CVSS | 5.5 AI score | 0.00388 EPSS
Exploits: 0 | References: 5
NVD
added 2026/06/10 10:16 p.m. | 11 views

CVE-2026-10143

kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker to freeze the client event loop by supplying an excessively large iteration count. In scram.py, ScramClient.process_server_first_message...

8.7 CVSS | 0.00388 EPSS
Exploits: 0 | References: 4
OSV
added 2026/06/10 10:16 p.m. | 7 views

DEBIAN-CVE-2026-10143

kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker to freeze the client event loop by supplying an excessively large iteration count. In scram.py, ScramClient.process_server_first_message...

8.7 CVSS | 5.5 AI score | 0.00388 EPSS
Exploits: 0 | References: 1
Cvelist
added 2026/06/10 8:22 p.m. | 28 views

CVE-2026-10143 kafka-python prior to 2.3.2 DoS via SCRAM Iteration Count in scram.py

kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker to freeze the client event loop by supplying an excessively large iteration count. In scram.py, ScramClient.process_server_first_message...

8.7 CVSS | 0.00388 EPSS
Exploits: 0 | References: 4
Vulnrichment
added 2026/06/10 8:22 p.m. | 7 views

CVE-2026-10143 kafka-python prior to 2.3.2 DoS via SCRAM Iteration Count in scram.py

kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker to freeze the client event loop by supplying an excessively large iteration count. In scram.py, ScramClient.process_server_first_message...

8.7 CVSS | 5.5 AI score | 0.00388 EPSS
Exploits: 0 | References: 4
CVE
added 2026/06/10 8:22 p.m. | 17 views

CVE-2026-10143

CVE-2026-10143 affects kafka-python prior to 2.3.2. The denial-of-service arises from ScramClient.process_server_first_message() passing the broker-provided SCRAM iteration count directly to hashlib.pbkdf2_hmac() without validation in scram.py. This can freeze the client event loop, blocking prod...

8.7 CVSS | 5.5 AI score | 0.00388 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
Debian CVE
added 2026/06/10 8:22 p.m. | 7 views

CVE-2026-10143

kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker to freeze the client event loop by supplying an excessively large iteration count. In scram.py, ScramClient.process_server_first_message...

8.7 CVSS | 5.5 AI score | 0.00388 EPSS
Exploits: 0