2 matches found
CVE-2026-54283
A flaw was found in Starlette where the request.form method silently ignores configured resource limits maxfields and maxpartsize when parsing application/x-www-form-urlencoded data. An unauthenticated attacker can exploit this by sending a urlencoded request body with an arbitrarily large number...
PT-2026-39114
Name of the Vulnerable Software and Affected Versions Linux kernel versions 5.10 through 6.19 Description A stack out-of-bounds read exists in the nftables pipapo set backend within the pipapo drop function. The issue occurs because the function passes rulemapi + 1.n to pipapo unmap as the to...