Security Bulletin: MongoDB Enterprised Advanced affected by: Uncontrolled Resource Consumption (CVE-2026-22740)

Summary There are vulnerabilities in spring-web-6.2.17.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2026-22740. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-22740 DESCRIPTION: A WebFlux server application that processes multipart requests create...

EUVD-2026-35549

Microsoft Security Advisory CVE-2026-45591 – ASP.NET Core Denial of Service Vulnerability...

Security Bulletin: IBM Sterling Connect:Direct Web Services is Affected by Uncontrolled Resource Consumption.

Summary brace-expansion-2.0.2.tgz is used by IBM Sterling Connect:Direct Web Services CVE-2026-33750. Vulnerability Details CVEID:CVE-2026-33750 DESCRIPTION: The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to versions 5.0.5, 3.0.2, 2.0.3, and...

Security Bulletin: IBM Sterling Connect:Direct Web Services is affected by Uncontrolled Resource Consumption.

Summary netty-codec-4.1.127.Final.jar is used by IBM Sterling Connect:Direct Web Services CVE-2026-42583. Vulnerability Details CVEID:CVE-2026-42583 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Lz4FrameDecoder allocate...

Security Bulletin: IBM Sterling Connect:Direct File Agent is vulnerable to multiple issues

Summary There are vulnerabilities in IBM Semeru Runtime version 17 used by IBM Sterling Connect:Direct File Agent. IBM Sterling Connect:Direct File Agent has addressed the applicable CVEs CVE-2026-34282, CVE-2026-22016, CVE-2026-23865, CVE-2026-22021, CVE-2026-22013, CVE-2026-22018, CVE-2026-2200...

UBUNTU-CVE-2026-7790

Uncontrolled Resource Consumption vulnerability in ninenines cowlib c...

RockyLinux 8 : .NET 8.0 (RLSA-2026:25110)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:25110 advisory. dotnet: .NET: Local file tampering via link following vulnerability CVE-2026-45491 dotnet: ASP.NET Core: Denial of Service via uncontrolled resource...

dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption

A flaw was found in ASP.NET Core. This vulnerability allows an unauthorized attacker to exploit uncontrolled resource consumption, leading to a Denial of Service DoS over a network. This means that an attacker can make the affected system unavailable to legitimate users by consuming its resources...

dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption

A flaw was found in ASP.NET Core. This vulnerability allows an unauthorized attacker to exploit uncontrolled resource consumption, leading to a Denial of Service DoS over a network. This means that an attacker can make the affected system unavailable to legitimate users by consuming its resources...

CVE-2026-1500 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to cause denial of service due to uncontrolled resource consumption when processing ...

CVE-2026-47902

CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumption vulnerability. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this iss...

CVE-2026-34713

CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumption vulnerability. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this iss...

GitLab CE/EE 安全漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of the American company GitLab. GitLab Enterprise Edition is a content management system. GitLab Community Edition is a community version of GitLab. Versions of GitLab CE/EE prior to 12.0, 18.10.8, 18.11.5, and 19.0.2...

Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.118 and .NET Runtime...

dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption

A flaw was found in ASP.NET Core. This vulnerability allows an unauthorized attacker to exploit uncontrolled resource consumption, leading to a Denial of Service DoS over a network. This means that an attacker can make the affected system unavailable to legitimate users by consuming its resources...

dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption

A flaw was found in ASP.NET Core. This vulnerability allows an unauthorized attacker to exploit uncontrolled resource consumption, leading to a Denial of Service DoS over a network. This means that an attacker can make the affected system unavailable to legitimate users by consuming its resources...

dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption

A flaw was found in ASP.NET Core. This vulnerability allows an unauthorized attacker to exploit uncontrolled resource consumption, leading to a Denial of Service DoS over a network. This means that an attacker can make the affected system unavailable to legitimate users by consuming its resources...

CVE-2026-45591

A flaw was found in ASP.NET Core. This vulnerability allows an unauthorized attacker to exploit uncontrolled resource consumption, leading to a Denial of Service DoS over a network. This means that an attacker can make the affected system unavailable to legitimate users by consuming its resources...

EUVD-2026-35843

CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumption vulnerability. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this iss...

EUVD-2026-35848

CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumption vulnerability. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this iss...