Lucene search
K

499374 matches found

EUVD
EUVD
added 1 hour ago3 views

EUVD-2026-41513

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS6AI score
Exploits0References15
EUVD
EUVD
added 1 hour ago3 views

EUVD-2026-41511

Calling curleasypause within the event-based CURLMOPTSOCKETFUNCTION callback triggers a use-after-free vulnerability, where libcurl attempts to store a flag using a dangling struct pointer immediately after that pointer's memory has been freed...

5.9AI score
Exploits0References4
EUVD
EUVD
added 1 hour ago3 views

EUVD-2026-41500

By default, curl automatically responds to WebSocket PING frames. Because curl lacks an upper bound on memory allocation for unacknowledged frames, a malicious server can exhaust all available memory by flooding curl with rapid, sequential PING messages...

6AI score
Exploits0References4
GithubExploit
GithubExploit
added 2 hours ago11 views

Exploit for CVE-2026-11387

CVE-2026-11387 — SMS Alert = 3.9.5 ☆ Unauthenticated Privilege...

9.8CVSS6AI score0.0038EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2 hours ago3 views

CVE-2026-9563

A flaw was found in Eclipse Parsson. The JSON parser did not enforce a default maximum on the number of characters consumed while processing a single JSON document. A remote attacker could exploit this by providing a very large, specially crafted JSON document. This could force applications to...

7.5CVSS6AI score0.00366EPSS
Exploits0References8
NVD
NVD
added 2 hours ago4 views

CVE-2026-9230

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS
Exploits0References14
F5 Networks
F5 Networks
added 3 hours ago3 views

K000162071: Python vulnerability CVE-2025-11468

Security Advisory Description When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized. CVE-2025-11468...

5.7CVSS7AI score0.0055EPSS
Exploits0
NVD
NVD
added 3 hours ago5 views

CVE-2026-9080

Calling curleasypause within the event-based CURLMOPTSOCKETFUNCTION callback triggers a use-after-free vulnerability, where libcurl attempts to store a flag using a dangling struct pointer immediately after that pointer's memory has been freed...

Exploits0References3
NVD
NVD
added 3 hours ago4 views

CVE-2026-11586

By default, curl automatically responds to WebSocket PING frames. Because curl lacks an upper bound on memory allocation for unacknowledged frames, a malicious server can exhaust all available memory by flooding curl with rapid, sequential PING messages...

Exploits0References3
Cvelist
Cvelist
added 4 hours ago7 views

CVE-2026-9230 Quiz and Survey Master (QSM) <= 11.1.4 - Missing Authorization to Authenticated (Contributor+) Arbitrary Quiz Modification and Email Reroute via Leaked Nonce from /quiz/structure

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS
Exploits0References14
ATTACKERKB
ATTACKERKB
added 4 hours ago2 views

CVE-2026-9230

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS6AI score
Exploits0References15
CVE
CVE
added 4 hours ago4 views

CVE-2026-9230

The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress

4.3CVSS6AI score
Exploits0References14
Cvelist
Cvelist
added 4 hours ago7 views

CVE-2026-9080 UAF after pause in socket callback

Calling curleasypause within the event-based CURLMOPTSOCKETFUNCTION callback triggers a use-after-free vulnerability, where libcurl attempts to store a flag using a dangling struct pointer immediately after that pointer's memory has been freed...

Exploits0References3
CVE
CVE
added 4 hours ago16 views

CVE-2026-9080

CVE-2026-9080 is a use-after-free in libcurl triggered when curl_easy_pause() is called from a socket callback (CURLMOPT_SOCKETFUNCTION). The event-path code re-enters the eviction/assessment flow and may free the associated sh_entry; the fix added a post-callback re-fetch of that entry in mev_sh...

5.9AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 4 hours ago2 views

CVE-2026-9080

Calling curleasypause within the event-based CURLMOPTSOCKETFUNCTION callback triggers a use-after-free vulnerability, where libcurl attempts to store a flag using a dangling struct pointer immediately after that pointer's memory has been freed...

5.9AI score
Exploits0References4Affected Software1
AlpineLinux
AlpineLinux
added 4 hours ago3 views

CVE-2026-9080

Calling curleasypause within the event-based CURLMOPTSOCKETFUNCTION callback triggers a use-after-free vulnerability, where libcurl attempts to store a flag using a dangling struct pointer immediately after that pointer's memory has been freed...

5.9AI score
Exploits0
Cvelist
Cvelist
added 4 hours ago7 views

CVE-2026-11586 WS Auto-PONG memory exhaustion

By default, curl automatically responds to WebSocket PING frames. Because curl lacks an upper bound on memory allocation for unacknowledged frames, a malicious server can exhaust all available memory by flooding curl with rapid, sequential PING messages...

Exploits0References3
ATTACKERKB
ATTACKERKB
added 4 hours ago2 views

CVE-2026-11586

By default, curl automatically responds to WebSocket PING frames. Because curl lacks an upper bound on memory allocation for unacknowledged frames, a malicious server can exhaust all available memory by flooding curl with rapid, sequential PING messages...

6AI score
Exploits0References4Affected Software1
AlpineLinux
AlpineLinux
added 4 hours ago2 views

CVE-2026-11586

By default, curl automatically responds to WebSocket PING frames. Because curl lacks an upper bound on memory allocation for unacknowledged frames, a malicious server can exhaust all available memory by flooding curl with rapid, sequential PING messages...

6AI score
Exploits0
CVE
CVE
added 4 hours ago15 views

CVE-2026-11586

The CVE-2026-11586 issue affects curl’s WebSocket handling: curl auto-responds to PING frames and has no upper bound on memory allocation for unacknowledged frames, enabling memory exhaustion via rapid PING floods. Affected are curl versions prior to 8.21.0 (e.g., 8.16.0). Remediation: upgrade to...

6AI score
Exploits0References3
Rows per page
Query Builder