Lucene search
K

6 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/13 7:28 p.m.8 views

CVE-2026-28376

The Grafana Live push endpoint can be exploited to cause unbounded memory allocation by sending a large or streaming request body, potentially leading to out-of-memory conditions. An authenticated user with access to the Grafana Live API can trigger this issue...

6.5CVSS5.8AI score0.00328EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/13 7:28 p.m.11 views

CVE-2026-28376 Grafana Live push endpoint allows unbounded memory allocation leading to OOM

The Grafana Live push endpoint can be exploited to cause unbounded memory allocation by sending a large or streaming request body, potentially leading to out-of-memory conditions. An authenticated user with access to the Grafana Live API can trigger this issue...

6.5CVSS5.8AI score0.00328EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/05/13 7:28 p.m.20 views

CVE-2026-28376

The Grafana Live push endpoint can be exploited to cause unbounded memory allocation by sending a large or streaming request body, potentially leading to out-of-memory conditions. An authenticated user with access to the Grafana Live API can trigger this issue...

6.5CVSS5.8AI score0.00328EPSS
Exploits0References1
CVE
CVE
added 2026/03/27 6:23 p.m.33 views

CVE-2026-26061

CVE-2026-26061 affects the open‑source Fleet device management platform. Versions prior to 4.81.0 expose multiple unauthenticated HTTP endpoints that read request bodies without a size limit, enabling an unauthenticated attacker to send large or repeated payloads and trigger excessive memory allo...

8.7CVSS5.9AI score0.00434EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2025/11/11 7:52 p.m.10 views

rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion

A memory-exhaustion vulnerability exists in Rack when parsing application/x-www-form-urlencoded request bodies. Rack::RequestPOST reads the entire request body into memory without enforcing a maximum length or cap. Attackers can exploit this by sending large form submissions, potentially causing...

7.5CVSS6.4AI score0.00605EPSS
Exploits0References8
AlpineLinux
AlpineLinux
added 2018/06/26 4:0 p.m.29 views

CVE-2018-1000538

Minio Inc. Minio S3 server version prior to RELEASE.2018-05-16T23-35-33Z contains a Allocation of Memory Without Limits or Throttling similar to CWE-774 vulnerability in write-to-RAM that can result in Denial of Service. This attack appear to be exploitable via Sending V4-presigned requests with...

7.5CVSS6AI score0.01508EPSS
Exploits0References2
Rows per page
Query Builder