Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

37 matches found

RedhatCVE
RedhatCVEadded 2026/05/01 8:47 a.m.3 views

CVE-2026-39457

When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024. An attacker who is able to force a libnv application to allocate large file...

7.8CVSS5.8AI score0.00151EPSS
Exploits0References1
NVD
NVDadded 2026/04/30 9:16 a.m.2 views

CVE-2026-39457

When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024. An attacker who is able to force a libnv application to allocate large file...

7.8CVSS0.00151EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/04/30 8:8 a.m.29 views

CVE-2026-35547 Heap overflow in libnv

When processing the header of an incoming message, libnv failed to properly validate the message size. The lack of validation allows a malicious program to write outside the bounds of a heap allocation. This can trigger a crash or system panic, and it may be possible for an unprivileged user to...

0.00316EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/04/30 8:8 a.m.4 views

CVE-2026-35547

When processing the header of an incoming message, libnv failed to properly validate the message size. The lack of validation allows a malicious program to write outside the bounds of a heap allocation. This can trigger a crash or system panic, and it may be possible for an unprivileged user to...

9.1CVSS5.2AI score0.00316EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/04/30 8:8 a.m.3 views

CVE-2026-35547 Heap overflow in libnv

When processing the header of an incoming message, libnv failed to properly validate the message size. The lack of validation allows a malicious program to write outside the bounds of a heap allocation. This can trigger a crash or system panic, and it may be possible for an unprivileged user to...

5.2AI score0.00316EPSS
Exploits0References1
CVE
CVEadded 2026/04/30 8:8 a.m.35 views

CVE-2026-35547

CVE-2026-35547 affects the libnv library. Description: processing the header of an incoming message may fail to validate message size, allowing writing outside a heap allocation. Impact per sources: crash/system panic and potential privilege escalation for unprivileged users. Affected products in...

8.1CVSS5.2AI score0.00316EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/30 8:1 a.m.4 views

CVE-2026-39457 Stack overflow via select() file descriptor set overflow

When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024. An attacker who is able to force a libnv application to allocate large file...

5.3AI score0.00151EPSS
Exploits0References1
CVE
CVEadded 2026/04/30 8:1 a.m.38 views

CVE-2026-39457

CVE-2026-39457 concerns the libnv library. The issue arises when exchanging data over a socket: libnv uses select(2) but does not verify that the socket descriptor fits within FD_SETSIZE (1024). This can allow an attacker to cause stack corruption by forcing a process to allocate many file descri...

7.8CVSS5.3AI score0.00151EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2026/04/30 8:1 a.m.33 views

CVE-2026-39457 Stack overflow via select() file descriptor set overflow

When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024. An attacker who is able to force a libnv application to allocate large file...

0.00151EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2026/04/30 12:0 a.m.1 views

FreeBSD : FreeBSD -- Heap overflow in libnv (c3a9c5a6-4435-11f1-bb07-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c3a9c5a6-4435-11f1-bb07-bc241121aa0a advisory. When processing the header of an incoming message, libnv failed to properly validate the message size...

8.1CVSS5.8AI score0.00316EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/04/30 12:0 a.m.1 views

FreeBSD : FreeBSD -- Stack overflow via select() file descriptor set overflow (892fabf5-4435-11f1-bb07-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 892fabf5-4435-11f1-bb07-bc241121aa0a advisory. When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not...

7.8CVSS5.8AI score0.00151EPSS
Exploits0References2
Packet Storm News
Packet Storm Newsadded 2026/04/29 12:0 a.m.4 views

FreeBSD Security Advisory - FreeBSD-SA-26:16.libnv

FreeBSD Security Advisory - When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024...

7.8CVSS5.2AI score0.00151EPSS
Exploits0
FreeBSD Advisory
FreeBSD Advisoryadded 2026/04/29 12:0 a.m.8 views

FreeBSD-SA-26:17.libnv

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:17.libnv Security Advisory The FreeBSD Project Topic: Heap overflow in libnv Category: core Module: libnv Announced: 2026-04-29 Credits: Mariusz Zaborski...

8.1CVSS5.9AI score0.00316EPSS
Exploits0
FreeBSD Advisory
FreeBSD Advisoryadded 2026/04/29 12:0 a.m.6 views

FreeBSD-SA-26:16.libnv

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:16.libnv Security Advisory The FreeBSD Project Topic: Stack overflow via select file descriptor set overflow Category: core Module: libnv Announced:...

7.8CVSS6AI score0.00151EPSS
Exploits0
Positive Technologies
Positive Technologiesadded 2026/04/29 12:0 a.m.7 views

PT-2026-36010

Name of the Vulnerable Software and Affected Versions dhclient affected versions not specified Description When building an environment to pass to dhclient-script, the software may resize the array of string pointers. The code responsible for expanding this array incorrectly calculates the new...

8.1CVSS6.2AI score0.01423EPSS
Exploits0References9
Positive Technologies
Positive Technologiesadded 2026/04/29 12:0 a.m.5 views

PT-2026-36011

Incorrect packet validation allowed unbounded recursion parsing SCTP chunk parameters. This can eventually result in a stack overflow and panic. Remote attackers can craft packets which cause affected systems to panic. This affects any system where pf is configured to process traffic, independent...

5.3AI score0.00432EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/04/29 12:0 a.m.4 views

PT-2026-36012

Name of the Vulnerable Software and Affected Versions FreeBSD versions prior to 15.0-RELEASE-p7 FreeBSD versions prior to 14.4-RELEASE-p3 FreeBSD versions prior to 14.3-RELEASE-p12 FreeBSD versions prior to 13.5-RELEASE-p13 FreeBSD versions from 2013 through 13.4.x Description An operator...

7.8CVSS6AI score0.00179EPSS
Exploits1References25
Positive Technologies
Positive Technologiesadded 2026/04/29 12:0 a.m.4 views

PT-2026-36008

Name of the Vulnerable Software and Affected Versions libnv affected versions not specified Description When exchanging data over a socket, the software uses the select function to wait for data. It fails to verify if the provided socket descriptor exceeds the file descriptor set size limit of FD...

7.8CVSS5.4AI score0.00151EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2026/04/29 12:0 a.m.3 views

PT-2026-36007

Name of the Vulnerable Software and Affected Versions FreeBSD affected versions not specified Description When processing the header of an incoming message, libnv fails to properly validate the message size. This lack of validation allows a malicious program to write outside the bounds of a heap...

8.1CVSS6AI score0.00316EPSS
Exploits0References10
Packet Storm News
Packet Storm Newsadded 2026/04/29 12:0 a.m.5 views

FreeBSD Security Advisory - FreeBSD-SA-26:17.libnv

FreeBSD Security Advisory - When processing the header of an incoming message, libnv failed to properly validate the message size...

9.1CVSS5.2AI score0.00316EPSS
Exploits0
Rows per page
Query Builder