Lucene search

7 matches found

EUVD
added 2026/05/06 8:54 p.m., 1 view

EUVD-2026-28222

OpenTelemetry.Exporter.Zipkin is the .NET Zipkin exporter for OpenTelemetry. In versions 1.15.2 and earlier, the Zipkin exporter remote endpoint cache accepts unbounded key growth derived from span attributes. In high-cardinality scenarios, a process using Zipkin export for client or producer spa...

CVSS 5.3, AI score 5.8, EPSS 0.00016
Exploits: 0, References: 2
ATTACKERKB
added 2026/05/04 7:14 p.m., 1 view

CVE-2026-7768

@fastify/accepts-serializer cached serializer-selection results keyed by the request Accept header without a size limit or eviction policy. A remote unauthenticated client could send many distinct but matching Accept header variants to make the cache grow unbounded, eventually exhausting the...

CVSS 7.5, AI score 5.8, EPSS 0.00048
Exploits: 0, References: 3
Cvelist
added 2026/03/18 12:23 a.m., 26 views

CVE-2026-27980 Next.js: Unbounded next/image disk cache growth can exhaust storage

Next.js is a React framework for building full-stack web applications. Starting in version 10.0.0 and prior to version 16.1.7, the default Next.js image optimization disk cache /next/image did not have a configurable upper bound, allowing unbounded cache growth. An attacker could generate many...

CVSS 6.9, EPSS 0.00023
Exploits: 0, References: 3
OSV
added 2026/02/18 10:30 a.m., 3 views

OSEC-2026-02 ARP unbounded memory usage

Background: Mirage's implementation of the ARP protocol (RFC 826) caches ARP replies to construct an IPv4 address - MAC address cache. This cache is long-lived, effectively global, and also contains pending ARP requests, which are replaced by the reply, or deleted after a timeout. ARP replies that do...

CVSS 7.4, AI score 6
Exploits: 0, References: 1
Veracode
added 2025/02/26 5:47 a.m., 10 views

Variable Reuse In Cached Queries

@graphql-mesh/runtime is vulnerable to variable reuse in cached queries. The vulnerability is due to the LRU-based cache retention of DocumentNode, which prevents updated variables, including authentication tokens, from being applied in subsequent requests. It allows an attacker to force a victim...

CVSS 7.5, AI score 6.8, EPSS 0.00414
Exploits: 0, References: 3, Affected Software: 1
OSSF Malicious Packages
added 2022/08/19 3:55 a.m., 2 views

Malicious code in lru-cahle (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d712c8ee59bcd733d1811a9d25991c585250e4ced415080e414947f34020d208 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0, References: 1
OSV
added 2022/08/19 3:55 a.m., 4 views

MAL-2022-4411 Malicious code in lru-cahle (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d712c8ee59bcd733d1811a9d25991c585250e4ced415080e414947f34020d208 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0, References: 1