Lucene search
K

4 matches found

NVD
NVD
added 2026/06/01 10:16 p.m.15 views

CVE-2026-10291

A security vulnerability has been detected in Enderfga claw-orchestrator up to 3.7.0. The impacted element is the function validateRegex of the file claw-orchestrator/src/embedded-server.ts of the component Session Grep Endpoint. The manipulation of the argument body.pattern leads to inefficient...

5.3CVSS0.00354EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.13 views

WordPress多款产品 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.8CVSS5.7AI score0.0032EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/10/28 8:38 p.m.8 views

Starlette vulnerable to O(n^2) DoS via Range header merging in ``starlette.responses.FileResponse``

Summary An unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette's FileResponse Range parsing/merging logic. This enables CPU exhaustion per request, causing denial‑of‑service for endpoints serving files e.g., StaticFiles or any use of...

7.5CVSS6.9AI score0.00638EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2024/02/05 3:15 p.m.3 views

DEBIAN-CVE-2024-24762

python-multipart is a streaming multipart parser for Python. When using form data, python-multipart uses a Regular Expression to parse the HTTP Content-Type header, including options. An attacker could send a custom-made Content-Type option that is very difficult for the RegEx to process, consumi...

7.5CVSS6.6AI score0.01523EPSS
Exploits1References1
Rows per page
Query Builder