5 matches found
PT-2026-41128
Name of the Vulnerable Software and Affected Versions MCP Registry versions prior to 1.7.9 Description OCI ownership validation fails to perform a label-match check when an upstream OCI registry returns an HTTP 429 Too Many Requests error. This occurs because the function ValidateOCI in the file...
CVE-2026-33594
A client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries to accumulate into a buffer that will not be released until the end of the connection...
The vulnerability of the lighttpd web server arises from the execution of operations beyond the buffer in memory, allowing an attacker to bypass the ASLR protection mechanism and gain unauthorized access to protected information.
The vulnerability of the lighttpd web server arises from the issue of operations going beyond the buffer in memory when comparing values of the If-Modified-Since header fields. Exploiting this vulnerability allows a remote attacker to bypass the ASLR protection mechanism and gain unauthorized...
Courier: Missing rate limit in signup Form
Hello Team , Description When signing up for an account, you enter your email. When this email is already in use, the server responds with "UserConfirmed":true,"UserSub":"ae294fff-6d55-407d-9676-1f3518029037" This in not a problem, but the fact that you could send this request unlimited times is...
Instacart: Get all instacart emails - missing rate limit on /accounts/register
Hey Instacart team, When signing up for an account, you enter your email. When this email is already in use, the server responds with ""errors":"email":"has already been taken"" This in not a problem, but the fact that you could send this request unlimited times is the issue. This way we can easi...