PT-2026-5339

Name of the Vulnerable Software and Affected Versions Monkey affected versions not specified Description A use-after-free issue exists in the mk http request end function located in mk server/mk http.c. This flaw allows attackers to potentially cause a Denial of Service DoS by sending a specially...

PT-2026-5337

Name of the Vulnerable Software and Affected Versions monkey commit f37e984 Description An out-of-bounds read exists in the mk ptr to buf function within the mk core function located in mk memory.c. This issue can be triggered by sending a specially crafted HTTP request to the server, potentially...

PT-2026-5340

Name of the Vulnerable Software and Affected Versions monkey commit f37e984 Description An out-of-bounds read exists in the mk vhost fdt close function located in mk server/mk vhost.c. This issue allows attackers to cause a Denial of Service DoS by sending a crafted HTTP request to the server...

CVE-2025-63658

CVE-2025-63658 is a stack overflow vulnerability in the Monkey server code. The flaw resides in the mk_http_index_lookup function (mk_server/mk_http.c) triggered by handling crafted HTTP requests, leading to Denial of Service. The observed root cause is a stack overflow in the handling/lookup log...