Lucene search
K

820 matches found

CVE
CVE
added 6 hours ago5 views

CVE-2026-59246

The CVE concerns elixir-mint mint: an unbounded chain of zero-length HTTP/2 CONTINUATION frames can bypass the header-block size cap in Mint.HTTP2.handle_continuation/3, causing unbounded memory growth on the client and eventual out-of-memory termination. The vulnerability arises because each CON...

6.3CVSS6.2AI score
Exploits0References4
Cvelist
Cvelist
added 6 hours ago6 views

CVE-2026-59246 Zero-length HTTP/2 CONTINUATION frames bypass Mint's header-block byte-size cap and exhaust client memory

Allocation of resources without limits vulnerability in elixir-mint mint allows a remote HTTP/2 server to exhaust memory on the client host and cause a denial of service. The Mint.HTTP2.handlecontinuation/3 function in lib/mint/http2.ex accumulates the header-block fragment carried by each HTTP/2...

6.3CVSS
Exploits0References4
EUVD
EUVD
added 6 hours ago3 views

EUVD-2026-43643

Allocation of resources without limits vulnerability in elixir-mint mint allows a remote HTTP/2 server to exhaust memory on the client host and cause a denial of service. The Mint.HTTP2.handlecontinuation/3 function in lib/mint/http2.ex accumulates the header-block fragment carried by each HTTP/2...

6.3CVSS6.2AI score
Exploits0References4
CVE
CVE
added 6 hours ago6 views

CVE-2026-58229

The CVE-2026-58229 issue affects the Elixir Mint HTTP client. Mint.HTTP1.decode_headers/5 and Mint.HTTP1.decode_trailer_headers/4 accumulate all parsed response headers and trailer fields into a request.headers_buffer without a cap, and decoding uses unlimited per-line/packet limits. A malicious ...

8.2CVSS6.2AI score
Exploits0References4
Cvelist
Cvelist
added 6 hours ago5 views

CVE-2026-58229 Unbounded HTTP/1 response-header and chunked-trailer accumulation in Mint causes memory-exhaustion DoS

Allocation of resources without limits vulnerability in elixir-mint mint allows a remote HTTP server to exhaust memory on the client host and cause a denial of service. The Mint.HTTP1.decodeheaders/5 and Mint.HTTP1.decodetrailerheaders/4 functions in lib/mint/http1.ex accumulate every parsed...

8.2CVSS
Exploits0References4
EUVD
EUVD
added 6 hours ago4 views

EUVD-2026-43642

Allocation of resources without limits vulnerability in elixir-mint mint allows a remote HTTP server to exhaust memory on the client host and cause a denial of service. The Mint.HTTP1.decodeheaders/5 and Mint.HTTP1.decodetrailerheaders/4 functions in lib/mint/http1.ex accumulate every parsed...

8.2CVSS6.2AI score
Exploits0References4
Nuclei
Nuclei
added 8 hours ago52 views

Mail Mint < 1.19.5 - Unauthenticated Email Disclosure

Mail Mint WordPress plugin 1.19.5 contains an information disclosure vulnerability caused by lack of authorization in a REST API endpoint, letting unauthenticated users retrieve email addresses of blog users, exploit requires no authentication. id: CVE-2026-2025 info: name: Mail Mint 1.19.5 -...

7.5CVSS6.1AI score0.01379EPSS
Exploits0References3
NVD
NVD
added 4 days ago6 views

CVE-2026-12918

The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to generic SQL Injection via the 'recipients' parameter in all versions up to, and including, 1.24.1 due to insufficient escaping on the user supplied parameter and lack of...

4.9CVSS0.00319EPSS
Exploits0References6
EUVD
EUVD
added 4 days ago10 views

EUVD-2026-42862

The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to generic SQL Injection via the 'recipients' parameter in all versions up to, and including, 1.24.1 due to insufficient escaping on the user supplied parameter and lack of...

4.9CVSS6.1AI score0.00319EPSS
Exploits0References6
CVE
CVE
added 4 days ago13 views

CVE-2026-12918

Summary of CVE-2026-12918 (Mail Mint WordPress plugin) : The plugin (versions up to and including 1.24.1) is vulnerable to a general SQL Injection via the recipients parameter due to insufficient escaping and unsafe query construction. This is a second-order injection: an attacker with authentica...

4.9CVSS6.1AI score0.00319EPSS
Exploits0References6
Cvelist
Cvelist
added 4 days ago35 views

CVE-2026-12918 Mail Mint <= 1.24.1 - Authenticated (Administrator+) SQL Injection via 'recipients' Parameter

The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to generic SQL Injection via the 'recipients' parameter in all versions up to, and including, 1.24.1 due to insufficient escaping on the user supplied parameter and lack of...

4.9CVSS0.00319EPSS
Exploits0References6
Circl
Circl
added 4 days ago7 views

CVE-2026-49753

creationtimestamp| type| source ---|---|--- 2026-07-10 00:35:19+00:00| published-proof-of-concept| https://github.com/elixir-mint/mint/security/advisories/GHSA-mjqx-c6f6-7rc2 2026-07-10 03:41:59+00:00| seen| https://gist.github.com/alon710/bc442ee88dc103da228f4212da5b648e...

6.3CVSS5.9AI score0.00301EPSS
Exploits0References2
Circl
Circl
added 4 days ago7 views

CVE-2026-49754

creationtimestamp| type| source ---|---|--- 2026-07-10 00:35:16+00:00| published-proof-of-concept| https://github.com/elixir-mint/mint/security/advisories/GHSA-2p26-p43x-fhp8 2026-07-10 03:12:07+00:00| seen| https://gist.github.com/alon710/e074ac5405ee20f6dd8bded11414265c...

8.2CVSS5.9AI score0.00384EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago16 views

EUVD-2026-34013

Tesla vulnerable to atom exhaustion via untrusted URL scheme...

8.2CVSS5.9AI score0.00301EPSS
Exploits0References5
EUVD
EUVD
added 5 days ago12 views

EUVD-2026-33939

mint: Unbounded streams map growth via PUSHPROMISE without follow-up HEADERS...

8.2CVSS5.9AI score0.00384EPSS
Exploits0References5
EUVD
EUVD
added 5 days ago15 views

EUVD-2026-33940

mint: Unbounded CONTINUATION/HEADERS frame accumulation CONTINUATION flood...

8.2CVSS5.9AI score0.00384EPSS
Exploits0References5
EUVD
EUVD
added 5 days ago12 views

EUVD-2026-33941

mint: Content-Length header accepts non-RFC "+" sign prefix...

6.3CVSS5.9AI score0.00301EPSS
Exploits0References5
EUVD
EUVD
added 5 days ago13 views

EUVD-2026-33938

mint has potential CRLF injection in its HTTP request line via unvalidated method/target...

2.1CVSS5.9AI score0.00166EPSS
Exploits0References5
Patchstack
Patchstack
added 5 days ago4 views

WordPress Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin <= 1.24.1 - Authenticated (Administrator+) SQL Injection vulnerability

Authenticated Administrator+ SQL Injection vulnerability discovered by PRISM in WordPress Plugin Mail Mint versions = 1.24.1...

4.9CVSS6.1AI score0.00319EPSS
Exploits0References1Affected Software1
NVD
NVD
added 5 days ago8 views

CVE-2026-14342

The Mail Mint – Email Marketing, Newsletter, Email Automation & WooCommerce Emails plugin for WordPress is vulnerable to time-based SQL Injection via the 'contactids' parameter in all versions up to, and including, 1.24.2 due to insufficient escaping on the user supplied parameter and lack of...

4.9CVSS0.00266EPSS
Exploits0References5
Rows per page
Query Builder