Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

671 matches found

RedhatCVE
RedhatCVEadded 2026/06/11 2:59 p.m.12 views

CVE-2026-52759

Ghidra before 12.1.1 contains an uncontrolled memory allocation vulnerability in the Mach-O binary parser that allows attackers to cause denial of service. An attacker can supply a crafted Mach-O binary with an arbitrarily large ncmds load command count value, forcing the parser to allocate...

6.7CVSS5.5AI score0.00151EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/06/11 2:59 p.m.10 views

CVE-2026-49495

Ghidra 10.2 before 12.1 contains an uncontrolled resource consumption vulnerability in ExportTrie.parseTrie that lacks cycle detection when traversing Mach-O binary export tries. A crafted Mach-O binary with circular references in the export trie causes unbounded queue growth and exponential stri...

6.7CVSS5.5AI score0.00151EPSS
Exploits1References1
NVD
NVDadded 2026/06/10 2:16 p.m.12 views

CVE-2026-52759

Ghidra before 12.1.1 contains an uncontrolled memory allocation vulnerability in the Mach-O binary parser that allows attackers to cause denial of service. An attacker can supply a crafted Mach-O binary with an arbitrarily large ncmds load command count value, forcing the parser to allocate...

6.7CVSS0.00151EPSS
Exploits1References2
NVD
NVDadded 2026/06/10 2:16 p.m.16 views

CVE-2026-49495

Ghidra 10.2 before 12.1 contains an uncontrolled resource consumption vulnerability in ExportTrie.parseTrie that lacks cycle detection when traversing Mach-O binary export tries. A crafted Mach-O binary with circular references in the export trie causes unbounded queue growth and exponential stri...

6.7CVSS0.00151EPSS
Exploits1References2
Cvelist
Cvelistadded 2026/06/10 12:43 p.m.36 views

CVE-2026-52759 Ghidra < 12.1.1 - Denial of Service via Uncontrolled Memory Allocation in Mach-O Parser

Ghidra before 12.1.1 contains an uncontrolled memory allocation vulnerability in the Mach-O binary parser that allows attackers to cause denial of service. An attacker can supply a crafted Mach-O binary with an arbitrarily large ncmds load command count value, forcing the parser to allocate...

6.7CVSS0.00151EPSS
Exploits1References2
EUVD
EUVDadded 2026/06/10 12:43 p.m.7 views

EUVD-2026-36018

Ghidra before 12.1.1 contains an uncontrolled memory allocation vulnerability in the Mach-O binary parser that allows attackers to cause denial of service. An attacker can supply a crafted Mach-O binary with an arbitrarily large ncmds load command count value, forcing the parser to allocate...

6.7CVSS5.5AI score0.00151EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2026/06/10 12:43 p.m.6 views

CVE-2026-52759 Ghidra < 12.1.1 - Denial of Service via Uncontrolled Memory Allocation in Mach-O Parser

Ghidra before 12.1.1 contains an uncontrolled memory allocation vulnerability in the Mach-O binary parser that allows attackers to cause denial of service. An attacker can supply a crafted Mach-O binary with an arbitrarily large ncmds load command count value, forcing the parser to allocate...

6.7CVSS5.5AI score0.00151EPSS
Exploits1References2
CVE
CVEadded 2026/06/10 12:43 p.m.78 views

CVE-2026-52759

Ghidra is affected by CVE-2026-52759 through the Mach-O binary parser prior to version 12.1.1. The vulnerability arises from an uncontrolled memory allocation when parsing Mach-O files with an arbitrarily large ncmds load command count, causing the parser to allocate excessive heap memory without...

6.7CVSS5.5AI score0.00151EPSS
Exploits1References2Affected Software1
EUVD
EUVDadded 2026/06/10 12:36 p.m.9 views

EUVD-2026-36004

Ghidra 10.2 before 12.1 contains an uncontrolled resource consumption vulnerability in ExportTrie.parseTrie that lacks cycle detection when traversing Mach-O binary export tries. A crafted Mach-O binary with circular references in the export trie causes unbounded queue growth and exponential stri...

6.7CVSS5.5AI score0.00151EPSS
Exploits1References2
Cvelist
Cvelistadded 2026/06/10 12:36 p.m.32 views

CVE-2026-49495 Ghidra 10.2 < 12.1 - Denial of Service via Circular Reference in Mach-O Export Trie Parser

Ghidra 10.2 before 12.1 contains an uncontrolled resource consumption vulnerability in ExportTrie.parseTrie that lacks cycle detection when traversing Mach-O binary export tries. A crafted Mach-O binary with circular references in the export trie causes unbounded queue growth and exponential stri...

6.7CVSS0.00151EPSS
Exploits1References2
CVE
CVEadded 2026/06/10 12:36 p.m.83 views

CVE-2026-49495

Ghidra 10.2 before 12.1 contains an uncontrolled resource-consumption vulnerability in ExportTrie.parseTrie() that lacks cycle detection when traversing Mach-O binary export tries. A crafted Mach-O binary with circular references in the export trie can cause unbounded queue growth and exponential...

6.7CVSS5.5AI score0.00151EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/10 12:36 p.m.10 views

CVE-2026-49495 Ghidra 10.2 < 12.1 - Denial of Service via Circular Reference in Mach-O Export Trie Parser

Ghidra 10.2 before 12.1 contains an uncontrolled resource consumption vulnerability in ExportTrie.parseTrie that lacks cycle detection when traversing Mach-O binary export tries. A crafted Mach-O binary with circular references in the export trie causes unbounded queue growth and exponential stri...

6.7CVSS5.5AI score0.00151EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2026/06/10 12:0 a.m.7 views

PT-2026-48419

Ghidra before 12.1.1 contains an uncontrolled memory allocation vulnerability in the Mach-O binary parser that allows attackers to cause denial of service. An attacker can supply a crafted Mach-O binary with an arbitrarily large ncmds load command count value, forcing the parser to allocate...

6.7CVSS5.5AI score0.00151EPSS
Exploits1References3
CNNVD
CNNVDadded 2026/06/10 12:0 a.m.13 views

NSA Ghidra 安全漏洞

NSA Ghidra is an open-source reverse-engineering tool developed by the National Security Agency National Security Agency of the United States. Previous versions of NSA Ghidra, up to version 12.1.1, contained security vulnerabilities. These vulnerabilities stemmed from the Mach-O binary parser,...

6.7CVSS5.3AI score0.00151EPSS
Exploits1References1
CNNVD
CNNVDadded 2026/06/10 12:0 a.m.12 views

NSA Ghidra 安全漏洞

NSA Ghidra is an open-source reverse-engineering tool developed by the National Security Agency National Security Agency of the United States. Previous versions of NSA Ghidra, such as version 12.1, contained security vulnerabilities. These vulnerabilities stemmed from a flaw in the...

6.7CVSS5.4AI score0.00151EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2026/06/10 12:0 a.m.13 views

PT-2026-48406

Ghidra 10.2 before 12.1 contains an uncontrolled resource consumption vulnerability in ExportTrie.parseTrie that lacks cycle detection when traversing Mach-O binary export tries. A crafted Mach-O binary with circular references in the export trie causes unbounded queue growth and exponential stri...

6.7CVSS5.5AI score0.00151EPSS
Exploits1References3
Github Security Blog
Github Security Blogadded 2026/05/29 7:47 p.m.24 views

Sparkle's AppInstaller post-stage-1 XPC listener accepts unvalidated connections, allowing spoofed appcast item data injection

Summary AppInstaller post-stage-1 XPC listener accepts unvalidated connections, allowing spoofed appcast item data injection. Details Autoupdate/AppInstaller.m's shouldAcceptNewConnection: only enforces SUCodeSigningVerifier validateConnection: before stage 1 completes. After...

5.8AI score0.00014EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologiesadded 2026/05/29 12:0 a.m.12 views

PT-2026-45020

Summary AppInstaller post-stage-1 XPC listener accepts unvalidated connections, allowing spoofed appcast item data injection. Details Autoupdate/AppInstaller.m's shouldAcceptNewConnection: only enforces SUCodeSigningVerifier validateConnection: before stage 1 completes. After...

4.2CVSS5.8AI score0.00014EPSS
Exploits0References3
ICS
ICSadded 2026/05/26 12:0 a.m.20 views

Hitachi Energy MACH HiDraw

SUMMARY Hitachi Energy is aware of a buffer overflow vulnerability that affects MACH HiDraw product versions listed in this document. Successful exploitation of this vulnerability could lead to a buffer overflow condition, potentially resulting in application outages denial of service and...

4.4CVSS6.3AI score0.00103EPSS
Exploits0References10
GithubExploit
GithubExploitadded 2026/05/23 8:25 p.m.99 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Ipados

dyld-signing-oracle-poc A controlled exploration of dyld's pa...

7.8CVSS6AI score0.01319EPSS
Exploits4
Rows per page
Query Builder