Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5222 matches found

UbuntuCve
UbuntuCveadded 2026/01/26 4:15 p.m.4 views

CVE-2025-50537

Stack overflow vulnerability in eslint before 9.26.0 when serializing objects with circular references in eslint/lib/shared/serialization.js. The exploit is triggered via the RuleTester.run method, which validates test cases and checks for duplicates. During validation, the internal function...

5.5CVSS7.3AI score0.0003EPSS
Exploits1References3
OSV
OSVadded 2026/01/26 2:47 p.m.4 views

BIT-NODE-MIN-2025-59466

We have identified a bug in Node.js error handling where "Maximum call stack size exceeded" errors become uncatchable when asynchooks.createHook is enabled. Instead of reaching process.on'uncaughtException', the process terminates, making the crash unrecoverable. Applications that rely on...

7.5CVSS5.9AI score0.0003EPSS
Exploits0References2
Rosalinux
Rosalinuxadded 2026/01/26 12:16 p.m.3 views

Advisory ROSA-SA-2026-3119

software: mupdf 1.26.10 WASP: ROSA-CHROME unaffected versions = mupdf-1.26.10-1 affected versions mupdf-1.26.10-1 CVE-ID: CVE-2025-46206 BDU-ID: 2025-11246 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the mutool clean utility of the MuPDF PDF viewer is related to infinite recursion. Exploitation ...

6.5CVSS5.8AI score0.00719EPSS
Exploits1
CNNVD
CNNVDadded 2026/01/26 12:0 a.m.3 views

ESLint security vulnerabilities

ESLint is an open-source tool developed by ESLint that identifies and fixes issues in JavaScript code. Versions of ESLint prior to 9.26.0 contained a security vulnerability. This vulnerability stemmed from infinite recursion when serializing objects with circular references, which could lead to a...

5.5CVSS5.9AI score0.0003EPSS
Exploits1References2
Snyk
Snykadded 2026/01/24 2:51 a.m.4 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the lookuphandlecname function when processing an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonical name are identical. An attacker can cause a crash and exhaust the...

7.1CVSS5.6AI score0.00061EPSS
Exploits0References2
NVD
NVDadded 2026/01/24 2:15 a.m.7 views

CVE-2026-24401

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonica...

6.5CVSS0.00061EPSS
Exploits0References3
OSV
OSVadded 2026/01/24 2:15 a.m.5 views

AZL-75207 CVE-2026-24401 affecting package avahi for versions less than 0.8-7

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonica...

6.5CVSS5.8AI score0.00061EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/01/24 1:25 a.m.29 views

CVE-2026-24401 Avahi has Uncontrolled Recursion in lookup_handle_cname function

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonica...

6.5CVSS0.00061EPSS
Exploits0References3
EUVD
EUVDadded 2026/01/24 1:25 a.m.4 views

EUVD-2026-4603

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonica...

6.5CVSS5.5AI score0.00061EPSS
Exploits0References3
Debian CVE
Debian CVEadded 2026/01/24 1:25 a.m.5 views

CVE-2026-24401

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonica...

6.5CVSS5.3AI score0.00061EPSS
Exploits0
AlpineLinux
AlpineLinuxadded 2026/01/24 1:25 a.m.3 views

CVE-2026-24401

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonica...

6.5CVSS5.5AI score0.00061EPSS
Exploits0References3
OSV
OSVadded 2026/01/24 1:25 a.m.3 views

CVE-2026-24401 Avahi has Uncontrolled Recursion in lookup_handle_cname function

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonica...

6.5CVSS5.6AI score0.00061EPSS
Exploits0References5
SUSE CVE
SUSE CVEadded 2026/01/24 12:24 a.m.1 views

SUSE CVE-2026-0994

A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit can be bypassed when parsing nested google.protobuf.Any messages. Due to missing recursion depth accounting inside the internal Any-handling logic, an attacker can...

5.9CVSS5.7AI score0.00013EPSS
Exploits0References15
NVD
NVDadded 2026/01/23 4:15 p.m.4 views

CVE-2025-71161

In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with the recursive correction: 1. It may cause denial-of-service. In fecreadbufs, there is a loop that has 253 iterations. For each iteration, we may ca...

5.5CVSS0.00015EPSS
Exploits0References6
Snyk
Snykadded 2026/01/23 3:31 p.m.1 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the ParseDict function, when handling deeply nested google.protobuf.Any messages. An attacker can bypass maxrecursiondepth to exhaust the recursion stack and trigger a RecursionError. Remediation Upgrade protob...

8.2CVSS6.4AI score0.00013EPSS
Exploits0References2
Github Security Blog
Github Security Blogadded 2026/01/23 3:31 p.m.11 views

protobuf affected by a JSON recursion depth bypass

A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit can be bypassed when parsing nested google.protobuf.Any messages. Due to missing recursion depth accounting inside the internal Any-handling logic, an attacker can...

8.2CVSS5.6AI score0.00013EPSS
Exploits0References6Affected Software1
Snyk
Snykadded 2026/01/23 3:31 p.m.4 views

Uncontrolled Recursion

Overview protobuf is a Google’s data interchange format Affected versions of this package are vulnerable to Uncontrolled Recursion in the ParseDict function, when handling deeply nested google.protobuf.Any messages. An attacker can bypass maxrecursiondepth to exhaust the recursion stack and trigg...

8.2CVSS5.4AI score0.00013EPSS
Exploits0References2
OSV
OSVadded 2026/01/23 3:31 p.m.0 views

GHSA-7GCM-G887-7QV7 protobuf affected by a JSON recursion depth bypass

A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit can be bypassed when parsing nested google.protobuf.Any messages. Due to missing recursion depth accounting inside the internal Any-handling logic, an attacker can...

8.2CVSS7.2AI score0.00013EPSS
Exploits0References6
NVD
NVDadded 2026/01/23 3:16 p.m.5 views

CVE-2026-0994

A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit can be bypassed when parsing nested google.protobuf.Any messages. Due to missing recursion depth accounting inside the internal Any-handling logic, an attacker can...

8.2CVSS0.00013EPSS
Exploits0References1
OSV
OSVadded 2026/01/23 3:16 p.m.1 views

CVE-2026-0994

A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit can be bypassed when parsing nested google.protobuf.Any messages. Due to missing recursion depth accounting inside the internal Any-handling logic, an attacker can...

8.2CVSS5.8AI score
Exploits0References1
Rows per page
Query Builder