CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/05/12 8:54 a.m.•4 views

BIT-PILLOW-2026-42309 Pillow: Heap buffer overflow with nested list coordinates

Pillow is a Python imaging library. From version 11.2.1 to before version 12.2.0, passing nested lists as coordinates to APIs that accept coordinates such as ImagePath.Path, ImageDraw.ImageDraw.polygon and ImageDraw.ImageDraw.line could cause a heap buffer overflow, as nested lists were recursive...

5.5CVSS5.8AI score0.00015EPSS

SUSE CVE•added 2026/05/12 3:30 a.m.•3 views

SUSE CVE-2026-43315

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Remove a user-triggerable WARN on nestedsvmloadcr3 succeeding Drop the WARN in svmsetnestedstate on nestedsvmloadcr3 failing as it is trivially easy to trigger from userspace by modifying CPUID after loading CR3. E.g...

5.8AI score0.00013EPSS

Positive Technologies•added 2026/05/12 12:0 a.m.•7 views

PT-2026-40535

Name of the Vulnerable Software and Affected Versions protobufjs versions prior to 7.5.6 protobufjs versions prior to 8.0.2 Description protobufjs can recurse without a depth limit while decoding nested protobuf data, specifically when skipping unknown group fields and during the generated decodi...

7.5CVSS5.8AI score0.00058EPSS

Exploits0References6

Positive Technologies•added 2026/05/12 12:0 a.m.•11 views

PT-2026-40355

Name of the Vulnerable Software and Affected Versions NanaZip versions 5.0.1252.0 through 6.0.1697.0 Description An uncontrolled recursion issue exists in the Electron Archive ASAR parser. When opening a specially crafted .asar file containing deeply nested JSON in the header, the...

5.5CVSS5.8AI score0.00014EPSS

Exploits0References4

Positive Technologies•added 2026/05/12 12:0 a.m.•6 views

PT-2026-39942

Issuing an ICMP ping via the net ping shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the destination is recognized as a local address, both the echo request and the resulting echo reply are...

6.1CVSS5.9AI score0.00014EPSS

EUVD•added 2026/05/11 6:31 p.m.•9 views

EUVD-2026-29095

Docling's METS GBS backend is vulnerable to XML Entity Expansion XXE attacks thru 2.61.0. The backend extracts and validates XML files from .tar.gz archives using etree.fromstring without disabling entity resolution. An attacker can craft a malicious XML file with nested entity definitions XML Bo...

5.8AI score0.00067EPSS

OSV•added 2026/05/11 6:31 p.m.•4 views

GHSA-9F4Q-Q82Q-4359 Docling's METS GBS backend is vulnerable to XML Entity Expansion (XXE) attacks

7.5CVSS5.8AI score0.00067EPSS

Snyk•added 2026/05/11 6:31 p.m.•7 views

Allocation of Resources Without Limits or Throttling

Overview docling is a SDK and CLI for parsing PDF, DOCX, HTML, and more, to a unified document representation for powering downstream workflows such as gen AI applications. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the...

8.7CVSS5.8AI score0.00052EPSS

NVD•added 2026/05/11 6:16 p.m.•7 views

CVE-2026-40612

jq is a command-line JSON processor. In 1.8.1 and earlier, jvcontains recurses into nested arrays/objects with no depth limit. With a sufficiently nested input structure built programmatically with reduce, since the JSON parser caps at depth 10000, the C stack is exhausted...

6.8CVSS0.00013EPSS

Exploits1References1

OSV•added 2026/05/11 6:16 p.m.•3 views

UBUNTU-CVE-2026-40612

OSV•added 2026/05/11 5:31 p.m.•5 views

Exploits1References3

BIT-LIBPYTHON-2025-12084 Quadratic complexity in node ID cache clearing

When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...

6.3CVSS6.9AI score0.00128EPSS

Exploits0References15

ATTACKERKB•added 2026/05/11 5:16 p.m.•5 views

CVE-2026-40612

Exploits1References2Affected Software1

Vulnrichment•added 2026/05/11 5:16 p.m.•5 views

CVE-2026-40612 jq: Stack overflow via unbounded recursion in jv_contains

Cvelist•added 2026/05/11 5:16 p.m.•28 views

Exploits1References1

CVE-2026-40612 jq: Stack overflow via unbounded recursion in jv_contains

6.8CVSS0.00013EPSS

Exploits1References1

OSV•added 2026/05/11 4:16 p.m.•3 views

GHSA-9CCR-R5HG-74GF GitHub Copilot CLI: Nested Bare Repository Can Execute Arbitrary Commands via core.fsmonitor

Summary A security vulnerability has been identified in GitHub Copilot CLI where a malicious bare git repository nested inside a project directory can achieve arbitrary code execution when the agent performs git operations. By exploiting git's automatic bare repository discovery during directory...

8.5CVSS6.3AI score0.00013EPSS

Exploits1References3

Github Security Blog•added 2026/05/11 4:16 p.m.•4 views

GitHub Copilot CLI: Nested Bare Repository Can Execute Arbitrary Commands via core.fsmonitor

8.5CVSS6.3AI score0.00013EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2026/05/11 12:0 a.m.•6 views

CVE-2026-31247

Docling's JATS XML backend is vulnerable to XML Entity Expansion XXE attacks thru 2.61.0. The backend uses etree.parse to parse XML files without disabling entity resolution. An attacker can craft a malicious XML file containing a nested entity expansion payload XML Bomb. When processed by Doclin...

5.8AI score0.00052EPSS

Positive Technologies•added 2026/05/11 12:0 a.m.•8 views

PT-2026-39709

Name of the Vulnerable Software and Affected Versions jq versions prior to 1.8.2 Description The jv contains function recurses into nested arrays and objects without a depth limit. When processing a sufficiently nested input structure, this can lead to C stack exhaustion, causing the application ...