Lucene search
K

9 matches found

OSV
OSV
added 7 hours ago9 views

ROOT-APP-MAVEN-CVE-2026-42577 CVE-2026-42577 in io.root.io.netty:netty-transport-native-epoll - Patched by Root

Root has patched CVE-2026-42577 in the io.root.io.netty:netty-transport-native-epoll package for Root:Maven. Multiple fixed versions available...

7.5CVSS5.8AI score0.00408EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/15 8:35 a.m.10 views

CVE-2026-46340

A flaw was found in netty-transport-sctp. A remote attacker can exploit this vulnerability by sending specially crafted, non-complete Stream Control Transmission Protocol SCTP message fragments. This can lead to unbounded memory growth within the application, causing a Denial of Service DoS...

7.5CVSS5.1AI score0.00371EPSS
Exploits0References6
NVD
NVD
added 2026/06/12 3:16 p.m.13 views

CVE-2026-46340

Netty is a network application framework for development of protocol servers and clients. In versions of netty-transport-sctp prior to 4.1.135.Final and 4.2.15.Final, for each non-complete SctpMessage fragment the handler does fragments.putstreamId, Unpooled.wrappedBufferfrag, byteBuf, wrapping t...

7.5CVSS0.00371EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-46340

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is a network application framework for development of protocol servers and clients. In versions of netty-transport-sctp prior to 4.1.135.Final and...

7.5CVSS5.6AI score0.00371EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2026/06/08 11:2 p.m.6 views

ai.spice:spiceai (=0.6.0), cn.isqing.icloud:icloud-common-utils (>=4.0.3-M1 <=4.0.3.1) +431 more potentially affected by CVE-2026-46340 via io.netty:netty-transport-sctp (>=4.2.0.Final <=4.2.14.Final)

io.netty:netty-transport-sctp MAVEN version =4.2.0.Final, =4.0.3-M1, =1.21.9, =3.4.7, =25.4.1, =26.2.1, =7.9.0, =5.1.0, =5.1.0, =6.80, =0.2.2, =0.2.4 and more Source cves: CVE-2026-46340 Source advisory: OSV:GHSA-5XRH-QMMQ-W6CH...

7.5CVSS5.7AI score0.00371EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/06/08 11:2 p.m.5 views

ai.chronon:service_2.11 (>=0.0.86 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91), ai.chronon:service_2.12 (>=0.0.86 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91) +2498 more potentially affected by CVE-2026-46340 via io.netty:netty-transport-sctp (>=4.0.0.Beta1 <=4.1.134.Final)

io.netty:netty-transport-sctp MAVEN version =4.0.0.Beta1, =0.0.86, =0.0.86, =0.0.86, =3.30.1.1, =3.10.0.5, =0.2.3.5, =0.0.1, =2.0.24, =1.1.9, =0.0.1, =0.0.9 and more Source cves: CVE-2026-46340 Source advisory: OSV:GHSA-5XRH-QMMQ-W6CH...

7.5CVSS5.7AI score0.00371EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/06/08 11:1 p.m.5 views

ai.ancf.lmos-router:benchmarks (>=0.2.0 <=0.28.0), ai.ancf.lmos-router:lmos-router-hybrid (>=0.2.0 <=0.28.0) +12829 more potentially affected by CVE-2026-45536 via io.netty:netty-transport-native-epoll (>=4.0.21.Final <=4.1.134.Final)

io.netty:netty-transport-native-epoll MAVEN version =4.0.21.Final, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.1.1, =0.1.1, =0.1.1, =0.0.4, =0.6.0 - ai.ancf.lmos:lmos-router-hybrid =0.1.0 - ai.ancf.lmos:lmos-router-hybrid-spring-boot-starter =0.1.0 - ai.ancf.lmos:lmos-router-llm =0.1.0 -...

4CVSS5.7AI score0.00136EPSS
Exploits0
Snyk
Snyk
added 2026/05/06 11:10 p.m.7 views

Missing Release of Resource after Effective Lifetime

Overview Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime in the handling of TCP connections with ALLOWHALFCLOSURE enabled when a remote peer sends a FIN followed by a RST. An attacker can cause resource exhaustion or high CPU utilization by...

8.7CVSS5.8AI score0.00408EPSS
Exploits0References2
Snyk
Snyk
added 2025/10/06 5:47 p.m.3 views

User Impersonation

Overview Akka.Remote is a .NET port of the popular Akka project from the Scala / Java community. Affected versions of this package are vulnerable to User Impersonation due to improper implementation of certificate-based authentication in the akka.remote.dot-netty.tcp transport. An attacker can ga...

9.3CVSS7.1AI score0.00374EPSS
Exploits0References2
Rows per page
Query Builder