AZL-76536 CVE-2025-63651 affecting package fluent-bit 3.1.10-4

A use-after-free in the mkstringcharsearch function mkcore/mkstring.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...

AZL-76533 CVE-2025-63653 affecting package fluent-bit 3.1.10-4

An out-of-bounds read in the mkvhostfdtclose function mkserver/mkvhost.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...

CVE-2025-63653

An out-of-bounds read in the mkvhostfdtclose function mkserver/mkvhost.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...

CVE-2025-63652

A use-after-free in the mkhttprequestend function mkserver/mkhttp.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...

CVE-2026-1056

The Snow Monkey Forms plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'generateuserdirpath' function in all versions up to, and including, 12.0.3. This makes it possible for unauthenticated attackers to delete arbitrary files on the...

CVE-2025-63649

An out-of-bounds read in the httpparsertransferencodingchunked function mkserver/mkhttpparser.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted POST request to the server...

CVE-2025-63653

An out-of-bounds read in the mkvhostfdtclose function mkserver/mkvhost.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...

Monkey Server security vulnerabilities

Monkey Server is an open-source HTTP server developed by Monkey I/O. There is a security vulnerability in Monkey Server, which stems from a null pointer dereferencing in the mkhttprangeparse function. This vulnerability may lead to denial-of-service attacks...

Monkey Server security vulnerabilities

Monkey Server is an open-source HTTP server developed by Monkey I/O. There is a security vulnerability in Monkey Server, which stems from an out-of-bounds read in the mkmimetypefind function, potentially leading to a denial-of-service attack...

Monkey Server security vulnerabilities

Monkey Server is an open-source HTTP server developed by Monkey I/O. There is a security vulnerability in Monkey Server, which stems from the mkptrtobuf function’s out-of-bounds read operation, potentially leading to denial-of-service attacks...

CVE-2025-63651

A use-after-free in the mkstringcharsearch function mkcore/mkstring.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...

PT-2026-5339

Name of the Vulnerable Software and Affected Versions Monkey affected versions not specified Description A use-after-free issue exists in the mk http request end function located in mk server/mk http.c. This flaw allows attackers to potentially cause a Denial of Service DoS by sending a specially...

EUVD-2025-206525

A NULL pointer dereference in the mkhttprangeparse function mkserver/mkhttp.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...

CVE-2025-63657

An out-of-bounds read in the mkmimetypefind function mkserver/mkmimetype.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...

CVE-2025-63655

CVE-2025-63655 describes a NULL pointer dereference in the mk_http_range_parse function (mk_server/mk_http.c) in the Monkey project, fixed in commit f37e984. The issue allows an attacker to cause a Denial of Service by sending a crafted HTTP request to the targeted server. Affected component is t...

Monkey Server security vulnerabilities

Monkey Server is an open-source HTTP server developed by Monkey I/O. There is a security vulnerability in Monkey Server, which stems from a stack overflow in the mkhttpindexlookup function. This vulnerability could lead to denial-of-service attacks...

PT-2026-5344

A stack overflow in the mk http index lookup function mk server/mk http.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...

CVE-2025-63651

A use-after-free in the mkstringcharsearch function mkcore/mkstring.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...

PT-2026-5337

Name of the Vulnerable Software and Affected Versions monkey commit f37e984 Description An out-of-bounds read exists in the mk ptr to buf function within the mk core function located in mk memory.c. This issue can be triggered by sending a specially crafted HTTP request to the server, potentially...

Monkey Server security vulnerabilities

Monkey Server is an open-source HTTP server developed by Monkey I/O. There is a security vulnerability in Monkey Server, which stems from an out-of-bounds read in the headercmp function, potentially leading to a denial-of-service attack...