Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/06/11 2:59 a.m.11 views

CVE-2026-44505

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. network-libp2p handles kad get-record query progress in handledhtget network-libp2p/src/swarm.rs. Prior to version 1.4.0, when a peer returns a FoundRecord, the code verifies the record...

5.3CVSS5.5AI score0.00297EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 a.m.10 views

CVE-2026-46541

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, iIn handledhtget, the DhtResults accumulator is only initialized when the first DHT record passes verification. If the first record fails from a malicious DHT...

7.5CVSS5.4AI score0.00346EPSS
Exploits0References1
OSV
OSV
added 2026/03/27 9:17 p.m.3 views

UBUNTU-CVE-2026-33891

Forge also called node-forge is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, a Denial of Service DoS vulnerability exists in the node-forge library due to an infinite loop in the BigInteger.modInverse function inherited from the bundled jsbn library...

7.5CVSS5.8AI score0.00596EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/03/27 8:50 p.m.2 views

CVE-2026-33896 Forge has a basicConstraints bypass in its certificate chain verification (RFC 5280 violation)

Forge also called node-forge is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.4.0, pki.verifyCertificateChain does not enforce RFC 5280 basicConstraints requirements when an intermediate certificate lacks both the basicConstraints and keyUsage extensions...

7.4CVSS6.6AI score0.00348EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-24183

Malicious code in bioql PyPI...

8.6CVSS6.5AI score0.00363EPSS
Exploits1References2
Rows per page
Query Builder