Lucene search
K

27543 matches found

Cvelist
Cvelist
added last week34 views

CVE-2026-54896 Oj: Heap Buffer Overflow in Oj.dump Exception Serialization via Large Indent

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in object mode, Oj.dump is vulnerable to a heap buffer overflow when serializing Exception objects with a large :indent value. The serializer allocates a buffer sized for the object'...

2.1CVSS0.00119EPSS
Exploits0References1
CVE
CVE
added last week26 views

CVE-2026-54896

Oj (Optimized JSON) Ruby gem prior to 3.17.2 is affected when operating in object mode; Oj.dump can trigger a heap buffer overflow while serializing Exception objects with a large indent value. The issue stems from allocating a buffer sized for object attributes but not accounting for accumulated...

2.1CVSS6AI score0.00119EPSS
Exploits0References1
Debian CVE
Debian CVE
added last week4 views

CVE-2026-54896

Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in object mode, Oj.dump is vulnerable to a heap buffer overflow when serializing Exception objects with a large :indent value. The serializer allocates a buffer sized for the object'...

2.1CVSS6AI score0.00119EPSS
Exploits0
OSV
OSV
added last week3 views

DEBIAN-CVE-2026-56369

ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaintext information from encrypted images...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References1
OSV
OSV
added last week5 views

DEBIAN-CVE-2026-14110

Inappropriate implementation in DarkMode in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00195EPSS
Exploits0References1
NVD
NVD
added last week4 views

CVE-2026-13788

Use after free in Fullscreen in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS0.00379EPSS
Exploits0References2
CVE
CVE
added last week24 views

CVE-2026-54500

Oj (Optimized JSON) is a Ruby gem for JSON parsing/ marshalling. Affects versions prior to 3.17.3 where Oj.load in mode :object reads uninitialized stack memory when a JSON object has a long key (254+ bytes). In ext/oj/intern.c, form_attr() passes an uninitialized stack buffer to rb_intern3(), ca...

5.3CVSS5.9AI score0.00197EPSS
Exploits0References1
CVE
CVE
added last week18 views

CVE-2026-14110

The CVE-2026-14110 entry concerns Google Chrome’s DarkMode implementation. Affected product: Google Chrome (Chromium-based) before version 150.0.7871.47. Issue: Inappropriate DarkMode implementation allows a remote attacker to achieve UI spoofing via a crafted HTML page. Root cause: improper hand...

4.3CVSS5.8AI score0.00195EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added last week3 views

CVE-2026-13788

Use after free in Fullscreen in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6.2AI score0.00379EPSS
Exploits0
NVD
NVD
added last week9 views

CVE-2026-50254

An unauthenticated remote attacker can repeatedly send a single crafted connection request to leak memory. Against storescp in its default single-process mode, memory grows quickly and the service is eventually killed, after which it stops accepting connections until an operator restarts it...

8.7CVSS0.00379EPSS
Exploits0References3
NVD
NVD
added last week7 views

CVE-2026-50003

A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative ../ paths and absolute paths...

9.8CVSS0.00435EPSS
Exploits0References3
Cvelist
Cvelist
added last week31 views

CVE-2026-50003 OFFIS DCMTK Toolkit Path Traversal

A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative ../ paths and absolute paths...

9.8CVSS0.00435EPSS
Exploits0References3
Cvelist
Cvelist
added last week32 views

CVE-2026-50254 OFFIS DCMTK Toolkit Missing Release of Memory after Effective Lifetime

An unauthenticated remote attacker can repeatedly send a single crafted connection request to leak memory. Against storescp in its default single-process mode, memory grows quickly and the service is eventually killed, after which it stops accepting connections until an operator restarts it...

8.7CVSS0.00379EPSS
Exploits0References3
CVE
CVE
added last week19 views

CVE-2026-50254

CVE-2026-50254 affects the DCMTK toolkit’s storescp component. An unauthenticated remote attacker can repeatedly send a crafted connection request, causing a memory leak that grows quickly in the default single-process mode, ultimately killing the service and requiring an operator to restart it. ...

8.7CVSS5.9AI score0.00379EPSS
Exploits0References3
EUVD
EUVD
added last week6 views

EUVD-2026-40403

IBM Langflow OSS 1.0.0 through 1.10.0 voice mode contains improper shared-state handling that allows reuse of API clients across tenant boundaries. An authenticated attacker can manipulate cache state to cause requests from other users to be processed using incorrect upstream API credentials,...

9.6CVSS5.8AI score0.00201EPSS
Exploits0References1
Cvelist
Cvelist
added last week32 views

CVE-2026-10140 Cross-Tenant API Key Reuse and Billing Fraud in Langflow Voice Mode Subsystem

IBM Langflow OSS 1.0.0 through 1.10.0 voice mode contains improper shared-state handling that allows reuse of API clients across tenant boundaries. An authenticated attacker can manipulate cache state to cause requests from other users to be processed using incorrect upstream API credentials,...

9.6CVSS0.00201EPSS
Exploits0References1
Cvelist
Cvelist
added last week31 views

CVE-2026-10564 SSRF Vulnerability in Langflow OSS Legacy Components Bypasses Protection

IBM Langflow OSS 1.0.0 through 1.9.6 contains a Server-Side Request Forgery SSRF. The legacy RSSReaderComponent in rss.py and SearXNG component in searxng.py make unvalidated HTTP requests to user-controlled URLs, bypassing SSRF protections introduced in version 1.9.3. An authenticated attacker c...

8.2CVSS0.00199EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added last week8 views

CVE-2026-53433

A flaw was found in fzf, a command-line fuzzy finder. This vulnerability allows a remote attacker to cause a Denial of Service DoS by sending a crafted POST request with many small segments to the --listen mode. The inefficient HTTP body processing, which uses repeated string concatenation, leads...

7.5CVSS5.8AI score0.00215EPSS
Exploits0References6
OSV
OSV
added last week3 views

DEBIAN-CVE-2026-53433

fzf is vulnerable to a Denial of Service DoS due to inefficient HTTP body processing in the --listen mode due to inefficient HTTP body processing using repeated string concatenation, resulting in quadratic time complexity On². A crafted POST request with many small segments can trigger excessive...

7.5CVSS5.8AI score0.00215EPSS
Exploits0References1
NVD
NVD
added last week8 views

CVE-2026-53433

fzf is vulnerable to a Denial of Service DoS due to inefficient HTTP body processing in the --listen mode due to inefficient HTTP body processing using repeated string concatenation, resulting in quadratic time complexity On². A crafted POST request with many small segments can trigger excessive...

7.5CVSS0.00215EPSS
Exploits0References3
Rows per page
Query Builder