CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4770 matches found

CVE•added 2026/01/26 9:43 p.m.•64 views

CVE-2025-59471

CVE-2025-59471 describes a denial-of-service in self-hosted Next.js apps that have a remotePatterns configuration for the Image Optimizer. The vulnerability arises because the image optimization endpoint /_next/image loads external images fully into memory and does not enforce a maximum size, ena...

7.5CVSS5.9AI score0.00444EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/01/26 9:43 p.m.•19 views

CVE-2025-59471

A denial of service vulnerability exists in self-hosted Next.js applications that have remotePatterns configured for the Image Optimizer. The image optimization endpoint /next/image loads external images entirely into memory without enforcing a maximum size limit, allowing an attacker to cause...

5.9CVSS0.00444EPSS

Exploits0References1

ATTACKERKB•added 2026/01/26 9:43 p.m.•4 views

CVE-2025-59471

5.9CVSS5.9AI score0.00444EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/01/26 9:43 p.m.•3 views

CVE-2025-59471

5.9CVSS5.9AI score0.00444EPSS

Exploits0References1

Tenable Nessus•added 2026/01/26 12:0 a.m.•5 views

Oracle MySQL Server 9.x.x < 9.6.0 (January 2026 CPU)

The versions of MySQL Server installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Packaging. Supported versions that are affected are 8.0.0-8.0.44,...

7.5CVSS6.4AI score0.02046EPSS

Exploits0References15

Tenable Nessus•added 2026/01/26 12:0 a.m.•16 views

Oracle MySQL Server 8.4.x < 8.4.8 (January 2026 CPU)

The versions of MySQL Server installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Docker Images SQLite. Supported versions that are affected are...

9.8CVSS6.6AI score0.64893EPSS

Exploits3References11

Tenable Nessus•added 2026/01/26 12:0 a.m.•10 views

Oracle MySQL Server 8.0.x < 8.0.45 (January 2026 CPU)

7.5CVSS6.4AI score0.02046EPSS

Exploits0References10

OSV•added 2026/01/23 12:22 p.m.•5 views

OESA-2026-1196 mysql security update

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. %if Security Fixes:...

6.5CVSS5.2AI score0.00337EPSS

Exploits0References7

RedhatCVE•added 2026/01/21 10:25 p.m.•7 views

CVE-2026-21941

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network...

4.9CVSS7AI score0.00337EPSS

Exploits0References5

RedhatCVE•added 2026/01/21 10:24 p.m.•4 views

CVE-2026-21948

4.9CVSS7AI score0.00337EPSS

Exploits0References4

RedhatCVE•added 2026/01/21 10:24 p.m.•3 views

CVE-2026-21968

6.5CVSS7AI score0.00257EPSS

Exploits0References4

EUVD•added 2026/01/21 12:31 a.m.•3 views

EUVD-2026-3544

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQ...

6.5CVSS4.9AI score0.00257EPSS

Exploits0References2

EUVD•added 2026/01/21 12:31 a.m.•5 views

EUVD-2026-3561

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...

4.9CVSS4.9AI score0.00337EPSS

Exploits0References2

EUVD•added 2026/01/21 12:31 a.m.•3 views

EUVD-2026-3559

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

6.5CVSS4.9AI score0.00316EPSS

Exploits0References2

EUVD•added 2026/01/21 12:31 a.m.•5 views

EUVD-2026-3560

6.5CVSS4.9AI score0.00317EPSS

Exploits0References2

EUVD•added 2026/01/21 12:31 a.m.•4 views

EUVD-2026-3568

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...

4.9CVSS4.9AI score0.00337EPSS

Exploits0References2

Snyk•added 2026/01/20 10:47 p.m.•3 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Optimizer component. An attacker can cause the application to hang or crash by sending specially crafted requests over the network while authenticated with high privileges...

6.9CVSS5.5AI score0.00337EPSS

Exploits0References2

Snyk•added 2026/01/20 10:46 p.m.•2 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Optimizer component. An attacker can cause the application to hang or crash repeatedly by sending specially crafted requests over the network while authenticated with low...

7.1CVSS5.5AI score0.00257EPSS

Exploits0References2