Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

36 matches found

RedhatCVE
RedhatCVEadded 2026/05/01 8:47 a.m.1 views

CVE-2026-39457

When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024. An attacker who is able to force a libnv application to allocate large file...

7.8CVSS5.8AI score0.0001EPSS
Exploits0References1
NVD
NVDadded 2026/04/30 9:16 a.m.1 views

CVE-2026-39457

When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024. An attacker who is able to force a libnv application to allocate large file...

7.8CVSS0.0001EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/04/30 8:8 a.m.2 views

CVE-2026-35547

When processing the header of an incoming message, libnv failed to properly validate the message size. The lack of validation allows a malicious program to write outside the bounds of a heap allocation. This can trigger a crash or system panic, and it may be possible for an unprivileged user to...

9.1CVSS5.2AI score0.00034EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/04/30 8:8 a.m.26 views

CVE-2026-35547 Heap overflow in libnv

When processing the header of an incoming message, libnv failed to properly validate the message size. The lack of validation allows a malicious program to write outside the bounds of a heap allocation. This can trigger a crash or system panic, and it may be possible for an unprivileged user to...

0.00034EPSS
Exploits0References1
CVE
CVEadded 2026/04/30 8:8 a.m.29 views

CVE-2026-35547

CVE-2026-35547 affects the libnv library. Description: processing the header of an incoming message may fail to validate message size, allowing writing outside a heap allocation. Impact per sources: crash/system panic and potential privilege escalation for unprivileged users. Affected products in...

8.1CVSS5.2AI score0.00034EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/30 8:8 a.m.2 views

CVE-2026-35547 Heap overflow in libnv

When processing the header of an incoming message, libnv failed to properly validate the message size. The lack of validation allows a malicious program to write outside the bounds of a heap allocation. This can trigger a crash or system panic, and it may be possible for an unprivileged user to...

5.2AI score0.00034EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/04/30 8:1 a.m.28 views

CVE-2026-39457 Stack overflow via select() file descriptor set overflow

When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024. An attacker who is able to force a libnv application to allocate large file...

0.0001EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/04/30 8:1 a.m.1 views

CVE-2026-39457 Stack overflow via select() file descriptor set overflow

When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024. An attacker who is able to force a libnv application to allocate large file...

5.3AI score0.0001EPSS
Exploits0References1
CVE
CVEadded 2026/04/30 8:1 a.m.29 views

CVE-2026-39457

CVE-2026-39457 concerns the libnv library. The issue arises when exchanging data over a socket: libnv uses select(2) but does not verify that the socket descriptor fits within FD_SETSIZE (1024). This can allow an attacker to cause stack corruption by forcing a process to allocate many file descri...

7.8CVSS5.3AI score0.0001EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessusadded 2026/04/30 12:0 a.m.1 views

FreeBSD : FreeBSD -- Heap overflow in libnv (c3a9c5a6-4435-11f1-bb07-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c3a9c5a6-4435-11f1-bb07-bc241121aa0a advisory. When processing the header of an incoming message, libnv failed to properly validate the message size...

8.1CVSS5.8AI score0.00034EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/04/30 12:0 a.m.0 views

FreeBSD : FreeBSD -- Stack overflow via select() file descriptor set overflow (892fabf5-4435-11f1-bb07-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 892fabf5-4435-11f1-bb07-bc241121aa0a advisory. When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not...

7.8CVSS5.8AI score0.0001EPSS
Exploits0References2
FreeBSD Advisory
FreeBSD Advisoryadded 2026/04/29 12:0 a.m.3 views

FreeBSD-SA-26:16.libnv

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:16.libnv Security Advisory The FreeBSD Project Topic: Stack overflow via select file descriptor set overflow Category: core Module: libnv Announced:...

7.8CVSS6AI score0.0001EPSS
Exploits0
Positive Technologies
Positive Technologiesadded 2026/04/29 12:0 a.m.0 views

PT-2026-36007

Name of the Vulnerable Software and Affected Versions FreeBSD affected versions not specified Description When processing the header of an incoming message, libnv fails to properly validate the message size. This lack of validation allows a malicious program to write outside the bounds of a heap...

8.1CVSS6AI score0.00034EPSS
Exploits0References10
Positive Technologies
Positive Technologiesadded 2026/04/29 12:0 a.m.1 views

PT-2026-36010

Name of the Vulnerable Software and Affected Versions dhclient affected versions not specified Description When building an environment to pass to dhclient-script, the software may resize the array of string pointers. The code responsible for expanding this array incorrectly calculates the new...

8.1CVSS6.2AI score0.00065EPSS
Exploits0References8
FreeBSD
FreeBSDadded 2026/04/29 12:0 a.m.8 views

FreeBSD -- Heap overflow in libnv

Problem Description: When processing the header of an incoming message, libnv failed to properly validate the message size. Impact: The lack of validation allows a malicious program to write outside the bounds of a heap allocation. This can trigger a crash or system panic, and it may be possible...

8.1CVSS5.3AI score0.00034EPSS
Exploits0
Packet Storm News
Packet Storm Newsadded 2026/04/29 12:0 a.m.2 views

FreeBSD Security Advisory - FreeBSD-SA-26:16.libnv

FreeBSD Security Advisory - When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024...

7.8CVSS5.2AI score0.0001EPSS
Exploits0
Positive Technologies
Positive Technologiesadded 2026/04/29 12:0 a.m.0 views

PT-2026-36009

Name of the Vulnerable Software and Affected Versions FreeBSD dhclient affected versions not specified Description The FreeBSD DHCP client fails to escape embedded double-quotes when writing the BOOTP file field to the lease file. This allows a rogue DHCP server on the same network to inject...

8.1CVSS6.5AI score0.00038EPSS
Exploits0References24
Positive Technologies
Positive Technologiesadded 2026/04/29 12:0 a.m.2 views

PT-2026-36008

When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FD SETSIZE 1024. An attacker who is able to force a libnv application to allocate large file...

5.3AI score0.0001EPSS
Exploits0References3
Packet Storm News
Packet Storm Newsadded 2026/04/29 12:0 a.m.2 views

FreeBSD Security Advisory - FreeBSD-SA-26:17.libnv

FreeBSD Security Advisory - When processing the header of an incoming message, libnv failed to properly validate the message size...

9.1CVSS5.2AI score0.00034EPSS
Exploits0
Positive Technologies
Positive Technologiesadded 2026/04/29 12:0 a.m.0 views

PT-2026-36011

Incorrect packet validation allowed unbounded recursion parsing SCTP chunk parameters. This can eventually result in a stack overflow and panic. Remote attackers can craft packets which cause affected systems to panic. This affects any system where pf is configured to process traffic, independent...

5.3AI score0.00065EPSS
Exploits0References3
Rows per page
Query Builder