CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Github Security Blog•added 6 days ago•15 views

zeroconf has unbounded DNS record cache that allows LAN-local memory exhaustion via multicast flood

Impact DNSCache.asyncadd inserted every response record into cache, expirations, expireheap, and servicecache with no cap on entry count. The only pre-existing protection was a PTR TTL floor DNSPTRMINTTL = 1125 s, RFC 6762 §10, which actually prolonged attacker-injected records, and a periodic...

5.8AI score

Exploits0References4Affected Software1

OSV•added 6 days ago•6 views

GHSA-RFG2-PJW2-56X2 zeroconf has unbounded DNS record cache that allows LAN-local memory exhaustion via multicast flood

Snyk•added 6 days ago•2 views

Exploits0References4

Allocation of Resources Without Limits or Throttling

Overview zeroconf is a Pure Python Multicast DNS Service Discovery Library Bonjour/Avahi compatible Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the DNSIncoming.logexceptiondebug function and the exception-deduplication, which stores...

7.1CVSS5.8AI score

OSV•added 6 days ago•4 views

GHSA-PHVX-9MGW-67R5 zeroconf: Unbounded exception-dedup state retains packet buffers via traceback frame locals, enabling LAN-local memory exhaustion

Impact DNSIncoming.logexceptiondebug and the four QuietLogger exception-dedup methods stored an unbounded seenlogs dict keyed by strsys.excinfo1. The seven IncomingDecodeError messages raised from readname / decodelabelsatoffset RFC 6762 §18 name-decoding error paths all embed self.source — the...

Github Security Blog•added 6 days ago•12 views

Exploits0References4

zeroconf: Unbounded exception-dedup state retains packet buffers via traceback frame locals, enabling LAN-local memory exhaustion

5.8AI score

Exploits0References4Affected Software1

Snyk•added 6 days ago•1 views

Uncontrolled Recursion

Overview zeroconf is a Pure Python Multicast DNS Service Discovery Library Bonjour/Avahi compatible Affected versions of this package are vulnerable to Uncontrolled Recursion via the DNSIncoming.decodelabelsatoffset function. An attacker can cause excessive CPU consumption and log flooding by...

7.1CVSS5.8AI score

Positive Technologies•added 6 days ago•5 views

PT-2026-45024

Impact DNSIncoming. decode labels at offset recurses once per DNS-name compression pointer RFC 1035 §4.1.4. Pointer cycles and label counts were capped, but the chain length of unique forward pointers was not. A single 3 kB mDNS packet carrying 1500 chained pointers drives the recursion past...

Positive Technologies•added 6 days ago•5 views

PT-2026-45026

Impact DNSCache. async add inserted every response record into cache, expirations, expire heap, and service cache with no cap on entry count. The only pre-existing protection was a PTR TTL floor DNS PTR MIN TTL = 1125 s, RFC 6762 §10, which actually prolonged attacker-injected records, and a...

Positive Technologies•added 6 days ago•3 views

PT-2026-45025

Impact DNSIncoming. log exception debug and the four QuietLogger exception-dedup methods stored an unbounded seen logs dict keyed by strsys.exc info1. The seven IncomingDecodeError messages raised from read name / decode labels at offset RFC 6762 §18 name-decoding error paths all embed self.sourc...

Tenable Nessus•added 6 days ago•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-45913

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: bridge: mcast: always update mdbnentries for vlan contexts syzbot triggered a warning1...

5.7AI score0.00024EPSS

SUSE CVE•added last week•8 views

SUSE CVE-2026-45913

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mcast: always update mdbnentries for vlan contexts syzbot triggered a warning1 about the number of mdb entries in a context. It turned out that there are multiple ways to trigger that warning today some got added...

RedhatCVE•added 2026/05/28 1:48 a.m.•5 views

Exploits0References3

CVE-2026-45913

A flaw was found in the Linux kernel's bridge multicast module. This vulnerability arises from an inconsistency in how the system tracks multicast database entries mdbnentries for virtual local area network VLAN contexts. A local user with network configuration privileges could exploit this by...

5.5CVSS5.8AI score0.00024EPSS

Exploits0References4

EUVD•added 2026/05/27 3:33 p.m.•5 views

EUVD-2026-32379

NVD•added 2026/05/27 2:17 p.m.•4 views

Exploits0References6

CVE-2026-45913

0.00024EPSS

OSV•added 2026/05/27 2:17 p.m.•1 views

UBUNTU-CVE-2026-45913

5.7AI score0.00024EPSS

Exploits0References3

Cvelist•added 2026/05/27 12:17 p.m.•32 views

CVE-2026-45913 net: bridge: mcast: always update mdb_n_entries for vlan contexts

0.00024EPSS

Debian CVE•added 2026/05/27 12:17 p.m.•4 views

CVE-2026-45913

5.7AI score0.00024EPSS

Exploits0

CVE•added 2026/05/27 12:17 p.m.•6 views

CVE-2026-45913

In CVE-2026-45913, the Linux kernel fix targets the bridge multicast code: it always updates mdb_n_entries for VLAN contexts instead of conditional increases, addressing a syzbot warning about unbalanced updates. The solution initializes the counter on port-vlan context creation and increments/de...

Positive Technologies•added 2026/05/27 12:0 a.m.•5 views

PT-2026-43780

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mcast: always update mdb n entries for vlan contexts syzbot triggered a warning1 about the number of mdb entries in a context. It turned out that there are multiple ways to trigger that warning today some got added...