Lucene search
K

77 matches found

RedhatCVE
RedhatCVE
added 5 days ago6 views

CVE-2026-59927

A flaw was found in Mistune, a Python Markdown parser. The Include directive in Mistune's src/mistune/directives/include.py does not properly detect indirect cycles when two Markdown files include each other. This oversight allows for unbounded recursion, which can lead to a RecursionError and...

5.3CVSS5.9AI score0.00307EPSS
Exploits1References6
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-42339

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the Include directive in src/mistune/directives/include.py detects only direct self-includes and not indirect cycles, allowing two markdown files that include each other to trigger unbounded recursion, raise...

5.3CVSS6AI score0.00307EPSS
Exploits1References3
CVE
CVE
added 6 days ago12 views

CVE-2026-59927

The CVE-2026-59927 issue affects Mistune, a Python Markdown parser. Before version 3.3.0, the Include directive in src/mistune/directives/include.py only detected direct self-includes and failed to handle indirect cycles, enabling two Markdown files that include each other to cause unbounded recu...

5.3CVSS6AI score0.00307EPSS
Exploits1References3Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in protobuf

There is a denial-of-service DoS vulnerability in the google.protobuf.jsonformat.ParseDict function in Python. This vulnerability allows for bypassing the maximum recursion depth when parsing nested google.protobuf.Any messages. Due to the lack of recursion depth accounting within the internal...

8.2CVSS6.6AI score0.00613EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.10 views

EulerOS 2.0 SP11 : protobuf (EulerOS-SA-2026-2260)

According to the versions of the protobuf packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit can be bypasse...

8.2CVSS6.5AI score0.00613EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.8 views

EulerOS Virtualization 2.12.0 : protobuf (EulerOS-SA-2026-2109)

According to the versions of the protobuf packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit...

8.2CVSS6.5AI score0.00613EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.12 views

CVE-2026-44844

emlparser serves as a python module for parsing eml files and returning various information found in the e-mail as well as computed information. Prior to 3.0.1, EmlParser.getrawbodytext recurses unconditionally for every nested message/rfc822 attachment without any depth limit. An attacker who ca...

6.3CVSS5.5AI score0.00395EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/26 7:49 p.m.19 views

EUVD-2026-31977

emlparser serves as a python module for parsing eml files and returning various information found in the e-mail as well as computed information. Prior to 3.0.1, EmlParser.getrawbodytext recurses unconditionally for every nested message/rfc822 attachment without any depth limit. An attacker who ca...

6.3CVSS5.8AI score0.00395EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.16 views

eml_parser 安全漏洞

EmlParser is an open-source Python library for parsing email files, developed by GOVCERT.LU. Versions of EmlParser prior to 3.0.1 contained security vulnerabilities. These vulnerabilities stemmed from the use of EmlParser.getrawbodytext, which performed unrestricted recursive processing on nested...

6.3CVSS5.8AI score0.00395EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/08 11:12 p.m.14 views

eml_parser has recursion DoS via nested message/rfc822 attachments

Summary EmlParser.getrawbodytext recurses unconditionally for every nested message/rfc822 attachment without any depth limit. An attacker who can supply a badly crafted EML file with approximately 120 nested message/rfc822 parts triggers an unhandled RecursionError and aborts parsing of the...

6.3CVSS6AI score0.00395EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.18 views

PT-2026-39305

Name of the Vulnerable Software and Affected Versions eml parser version 3.0.0 Description A recursion denial of service exists in the get raw body text function within eml parser/parser.py. The function recurses unconditionally for every nested message/rfc822 attachment without a depth limit. An...

6.3CVSS5.8AI score0.00395EPSS
Exploits0References5
OSV
OSV
added 2026/03/27 2:7 p.m.7 views

OESA-2026-1780 python-pyasn1 security update

Abstract Syntax Notation One ASN.1 is a technology for exchanging structured data in a universally understood, hardware agnostic way. Many industrial, security and telephony applications heavily rely on ASN.1. The pyasn1 library implements ASN.1 support in pure-Python. Security Fixes: The pyasn1...

7.5CVSS5.9AI score0.0058EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/03/25 12:27 a.m.6 views

SUSE CVE-2026-26209

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...

7.5CVSS7.1AI score0.00417EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-26209

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial ...

7.5CVSS7.2AI score0.00417EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/23 8:23 p.m.8 views

EUVD-2026-14478

cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads...

7.5CVSS7.1AI score0.00417EPSS
Exploits1References4
NVD
NVD
added 2026/03/23 7:16 p.m.5 views

CVE-2026-26209

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...

7.5CVSS0.00417EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2026/03/23 7:16 p.m.6 views

CVE-2026-26209

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...

7.5CVSS7.1AI score0.00417EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2026/03/23 6:53 p.m.7 views

CVE-2026-26209

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...

7.5CVSS7.3AI score0.00417EPSS
Exploits1
OSV
OSV
added 2026/03/23 6:53 p.m.10 views

CVE-2026-26209 cbor2 has a Denial of Service via Uncontrolled Recursion in cbor2.loads

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Versions prior to 5.9.0 are vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding deeply nested CBOR structures. This vulnerability affects both the...

7.5CVSS5.9AI score0.00417EPSS
Exploits1References6
OSV
OSV
added 2026/03/18 4:17 a.m.8 views

DEBIAN-CVE-2026-30922

pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.3, the pyasn1 library is vulnerable to a Denial of Service DoS attack caused by uncontrolled recursion when decoding ASN.1 data with deeply nested structures. An attacker can supply a crafted payload containing thousands of nested SEQUENC...

7.5CVSS6.9AI score0.0058EPSS
Exploits1References1
Rows per page
Query Builder