3 matches found
CVE-2026-34786
Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Static#applicable_rules evaluates several header_rules types against the raw URL-encoded PATH_INFO, while the underlying file-serving path is decoded before the file is served. As a result, a request for a...
CVE-2026-34785
Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Static determines whether a request should be served as a static file using a simple string prefix check. When configured with URL prefixes such as "/css", it matches any request path that begins with...
A vulnerability in Rack, the modular interface between web servers and web applications, is related to improper input validation and allows attackers to carry out DoS attacks.
A vulnerability in Rack, the modular interface between web servers and web applications, is related to insufficient validation of user-supplied data during the analysis of complex POST requests. Exploiting this vulnerability allows a malicious actor to carry out a DoS attack using a specially...