CVE-2026-44902

opentelemetry-js is the OpenTelemetry JavaScript Client. Prior to 0.217.0, a single malformed HTTP request crashes any Node.js process running the OpenTelemetry JS Prometheus exporter. The metrics endpoint default 0.0.0.0:9464 has no error handling around URL parsing, so a request with an invalid...

CVE-2026-44902 opentelemetry-js: Prometheus exporter process crash via malformed HTTP request

opentelemetry-js is the OpenTelemetry JavaScript Client. Prior to 0.217.0, a single malformed HTTP request crashes any Node.js process running the OpenTelemetry JS Prometheus exporter. The metrics endpoint default 0.0.0.0:9464 has no error handling around URL parsing, so a request with an invalid...

CVE-2022-3181

An Improper Input Validation vulnerability exists in Trihedral VTScada version 12.0.38 and prior. A specifically malformed HTTP request could cause the affected VTScada to crash. Both local area network LAN-only and internet facing systems are affected...

httpd: mod_proxy_ajp remote temporary DoS

The modproxyajp module in the Apache HTTP Server before 2.2.21, when used with modproxybalancer in certain configurations, allows remote attackers to cause a denial of service temporary "error state" in the backend server via a malformed HTTP request...