Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

49 matches found

SUSE CVE
SUSE CVEadded 2026/04/20 11:26 p.m.4 views

SUSE CVE-2026-29013

libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where getbyteinc in src/oscore/oscorecbor.c relies solely on assert for bounds checking, which is removed in release builds compiled with NDEBUG. Attackers can send crafted CoAP requests with malformed...

9.8CVSS5.8AI score0.00296EPSS
Exploits0References3
OSV
OSVadded 2026/04/19 12:9 a.m.4 views

OSV-2026-589 Heap-double-free in coap_new_oscore_conf

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=503812134 Crash type: Heap-double-free Crash state: coapnewoscoreconf oscoreconfparsetarget.c coapnewoscoreconf...

5.7AI score
Exploits0References1
EUVD
EUVDadded 2026/04/18 12:31 a.m.3 views

EUVD-2026-23535

libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where getbyteinc in src/oscore/oscorecbor.c relies solely on assert for bounds checking, which is removed in release builds compiled with NDEBUG. Attackers can send crafted CoAP requests with malformed...

8.8CVSS6AI score0.00296EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/04/18 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-29013

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where getbyteinc in src/oscore/oscorecbor.c relies solely on...

9.8CVSS5.5AI score0.00296EPSS
Exploits0References3
Snyk
Snykadded 2026/04/17 10:41 p.m.5 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the getbyteinc function during CBOR parsing in OSCORE negotiation. An attacker can access sensitive memory contents or cause a heap buffer overflow by sending specially crafted CoAP requests with malformed OSCORE...

9.8CVSS5.7AI score0.00296EPSS
Exploits0References2
NVD
NVDadded 2026/04/17 10:16 p.m.2 views

CVE-2026-29013

libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where getbyteinc in src/oscore/oscorecbor.c relies solely on assert for bounds checking, which is removed in release builds compiled with NDEBUG. Attackers can send crafted CoAP requests with malformed...

9.8CVSS0.00296EPSS
Exploits0References1
OSV
OSVadded 2026/04/17 10:16 p.m.2 views

DEBIAN-CVE-2026-29013

libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where getbyteinc in src/oscore/oscorecbor.c relies solely on assert for bounds checking, which is removed in release builds compiled with NDEBUG. Attackers can send crafted CoAP requests with malformed...

9.8CVSS5.8AI score0.00296EPSS
Exploits0References1
UbuntuCve
UbuntuCveadded 2026/04/17 10:16 p.m.9 views

CVE-2026-29013

libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where getbyteinc in src/oscore/oscorecbor.c relies solely on assert for bounds checking, which is removed in release builds compiled with NDEBUG. Attackers can send crafted CoAP requests with malformed...

8.8CVSS5.8AI score0.00296EPSS
Exploits0References1
OSV
OSVadded 2026/04/17 10:16 p.m.7 views

UBUNTU-CVE-2026-29013

libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where getbyteinc in src/oscore/oscorecbor.c relies solely on assert for bounds checking, which is removed in release builds compiled with NDEBUG. Attackers can send crafted CoAP requests with malformed...

9.8CVSS5.8AI score0.00296EPSS
Exploits0References2
AlpineLinux
AlpineLinuxadded 2026/04/17 9:11 p.m.7 views

CVE-2026-29013

libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where getbyteinc in src/oscore/oscorecbor.c relies solely on assert for bounds checking, which is removed in release builds compiled with NDEBUG. Attackers can send crafted CoAP requests with malformed...

9.8CVSS5.8AI score0.00296EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/04/17 9:11 p.m.8 views

CVE-2026-29013 libcoap Out-of-Bounds Read in OSCORE CBOR Unwrap Handling

libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where getbyteinc in src/oscore/oscorecbor.c relies solely on assert for bounds checking, which is removed in release builds compiled with NDEBUG. Attackers can send crafted CoAP requests with malformed...

8.8CVSS5.8AI score0.00296EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/04/17 9:11 p.m.3 views

CVE-2026-29013

libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where getbyteinc in src/oscore/oscorecbor.c relies solely on assert for bounds checking, which is removed in release builds compiled with NDEBUG. Attackers can send crafted CoAP requests with malformed...

8.8CVSS5.8AI score0.00296EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/04/17 9:11 p.m.22 views

CVE-2026-29013 libcoap Out-of-Bounds Read in OSCORE CBOR Unwrap Handling

libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where getbyteinc in src/oscore/oscorecbor.c relies solely on assert for bounds checking, which is removed in release builds compiled with NDEBUG. Attackers can send crafted CoAP requests with malformed...

8.8CVSS0.00296EPSS
Exploits0References1
Debian CVE
Debian CVEadded 2026/04/17 9:11 p.m.5 views

CVE-2026-29013

libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where getbyteinc in src/oscore/oscorecbor.c relies solely on assert for bounds checking, which is removed in release builds compiled with NDEBUG. Attackers can send crafted CoAP requests with malformed...

9.8CVSS5.8AI score0.00296EPSS
Exploits0
Positive Technologies
Positive Technologiesadded 2026/04/17 12:0 a.m.5 views

PT-2026-33518

Name of the Vulnerable Software and Affected Versions libcoap affected versions not specified Description An issue exists in the OSCORE Appendix B.2 CBOR unwrap handling where the function get byte inc in src/oscore/oscore cbor.c relies exclusively on assert for bounds checking. Since assert is...

9.8CVSS6AI score0.00296EPSS
Exploits0References12
RedhatCVE
RedhatCVEadded 2026/02/12 7:28 p.m.4 views

CVE-2026-2248

METIS WIC devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with root UID 0 privileges. This results in full system compromis...

9.8CVSS6.1AI score0.00514EPSS
Exploits0References1
GithubExploit
GithubExploitadded 2026/02/11 8:35 p.m.254 views

Exploit for CVE-2026-2249

Overview The METIS DFS devices, specifically in versions lowe...

9.8CVSS6.2AI score0.00514EPSS
Exploits1
Vulnrichment
Vulnrichmentadded 2026/02/11 2:16 p.m.5 views

CVE-2026-2249 Unauthenticated Remote Command Execution via Web Console in METIS DFS

METIS DFS devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with 'daemon' privileges. This results in the compromise of the...

9.8CVSS6.1AI score0.00514EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2026/02/11 2:15 p.m.3 views

CVE-2026-2248

METIS WIC devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with root UID 0 privileges. This results in full system compromis...

9.8CVSS6.1AI score0.00514EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/02/11 2:15 p.m.4 views

CVE-2026-2248 Unauthenticated Remote Root Shell Access via Web Console in METIS WIC

METIS WIC devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with root UID 0 privileges. This results in full system compromis...

9.8CVSS6.1AI score0.00514EPSS
Exploits0References1
Rows per page
Query Builder