Lucene search
+L

8634 matches found

nvd
nvd
added 19 hours ago6 views

CVE-2026-23538

A vulnerability was identified in the Feast Feature Server's /ws/chat endpoint that allows remote attackers to establish persistent WebSocket connections without any authentication. By opening a large number of simultaneous connections, an attacker can exhaust server resources—such as memory, CPU...

7.5CVSS
Exploits0References4
cve
cve
added 20 hours ago20 views

CVE-2026-23538

The CVE affects Feast: Feast Feature Server /ws/chat accepts unauthenticated, persistent WebSocket connections. An attacker can open many concurrent connections to exhaust memory, CPU, and file descriptors, causing DoS. Affected software: Feast (Python SDK context cited by SNYK for Feast >=0.1...

7.5CVSS6.1AI score
Exploits0References4
cvelist
cvelist
added 20 hours ago16 views

CVE-2026-23538 Feast: resource exhaustion via websocket endpoint

A vulnerability was identified in the Feast Feature Server's /ws/chat endpoint that allows remote attackers to establish persistent WebSocket connections without any authentication. By opening a large number of simultaneous connections, an attacker can exhaust server resources—such as memory, CPU...

7.5CVSS
Exploits0References3
euvd
euvd
added 20 hours ago9 views

EUVD-2026-44838

A vulnerability was identified in the Feast Feature Server's /ws/chat endpoint that allows remote attackers to establish persistent WebSocket connections without any authentication. By opening a large number of simultaneous connections, an attacker can exhaust server resources—such as memory, CPU...

7.5CVSS6.1AI score
Exploits0References3
nvd
nvd
added yesterday7 views

CVE-2026-55399

CVE-2026-55399 is a resource exhaustion vulnerability in the Secure Access publisher prior to 14.55. Attackers with valid credentials to the Secure Access tunnel can create a non-persistent DoS against the publisher...

5.1CVSS
Exploits0References1
euvd
euvd
added yesterday4 views

EUVD-2026-44805

CVE-2026-55399 is a resource exhaustion vulnerability in the Secure Access publisher prior to 14.55. Attackers with valid credentials to the Secure Access tunnel can create a non-persistent DoS against the publisher...

5.1CVSS6.1AI score
Exploits0References1
cve
cve
added yesterday6 views

CVE-2026-55399

CVE-2026-55399 affects the Secure Access publisher prior to version 14.55. It is a resource-exhaustion vulnerability where attackers with valid credentials to the Secure Access tunnel can trigger a non-persistent DoS against the publisher. CVSS v4.0 base score is 5.1 (Medium), with network attack...

5.1CVSS6.1AI score
Exploits0References1Affected Software1
cvelist
cvelist
added yesterday27 views

CVE-2026-55399 Resource exhaustion vulnerability in the Secure Access publisher

CVE-2026-55399 is a resource exhaustion vulnerability in the Secure Access publisher prior to 14.55. Attackers with valid credentials to the Secure Access tunnel can create a non-persistent DoS against the publisher...

5.1CVSS
Exploits0References1
nvd
nvd
added yesterday8 views

CVE-2026-61866

ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the JNG encoder when a blob cannot be opened. Attackers can trigger the memory leak by providing malformed JNG files that fail blob operations, causing resource exhaustion...

7.5CVSS
Exploits0References2
nvd
nvd
added yesterday6 views

CVE-2026-61868

ImageMagick before 7.1.2-26 and 6.9.x before 6.9.13-51 contains a memory leak in the YUV decoder that occurs when opening of the blob fails. Repeated triggering can lead to resource exhaustion denial of service...

6.3CVSS
Exploits0References2
euvd
euvd
added yesterday7 views

EUVD-2026-44617

ImageMagick before 7.1.2-26 and 6.9.x before 6.9.13-51 contains a memory leak in the YUV decoder that occurs when opening of the blob fails. Repeated triggering can lead to resource exhaustion denial of service...

6.3CVSS6.1AI score
Exploits0References2
euvd
euvd
added yesterday4 views

EUVD-2026-44615

ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the JNG encoder when a blob cannot be opened. Attackers can trigger the memory leak by providing malformed JNG files that fail blob operations, causing resource exhaustion...

2.9CVSS6.1AI score
Exploits0References2
cve
cve
added yesterday9 views

CVE-2026-61866

CVE-2026-61866 affects ImageMagick before 7.1.2-26. A memory leak occurs in the JNG encoder when a blob cannot be opened, and attackers can trigger it by providing malformed JNG files that fail blob operations, causing resource exhaustion. No remediation details are provided in the supplied docum...

7.5CVSS6.1AI score
Exploits0References2Affected Software1
cvelist
cvelist
added yesterday25 views

CVE-2026-61866 ImageMagick before 7.1.2-26 Memory Leak in JNG encoder

ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the JNG encoder when a blob cannot be opened. Attackers can trigger the memory leak by providing malformed JNG files that fail blob operations, causing resource exhaustion...

2.9CVSS
Exploits0References2
ptsecurity
ptsecurity
added yesterday7 views

PT-2026-60299

Name of the Vulnerable Software and Affected Versions Secure Access publisher versions prior to 14.55 Description A resource exhaustion issue exists in the Secure Access publisher. Attackers possessing valid credentials for the Secure Access tunnel can trigger a non-persistent Denial of Service...

5.1CVSS6.1AI score
Exploits0References5
nvd
nvd
added 2 days ago4 views

CVE-2026-46627

Twig is a template language for PHP. Prior to 3.26.0, the Twig sandbox does not prevent a template from consuming CPU, memory, or wall-clock time, even under the strictest allow-list, allowing untrusted templates to cause resource exhaustion. This issue is addressed in version 3.26.0 by documenti...

7.1CVSS0.00331EPSS
Exploits0References3
cvelist
cvelist
added 2 days ago34 views

CVE-2026-46627 Twig: Sandbox resource exhaustion via unbounded `for` / `range()`

Twig is a template language for PHP. Prior to 3.26.0, the Twig sandbox does not prevent a template from consuming CPU, memory, or wall-clock time, even under the strictest allow-list, allowing untrusted templates to cause resource exhaustion. This issue is addressed in version 3.26.0 by documenti...

7.1CVSS0.00331EPSS
Exploits0References3
cve
cve
added 2 days ago17 views

CVE-2026-46627

CVE-2026-46627 concerns Twig, a PHP template engine. Before 3.26.0, Twig’s sandbox does not prevent a template from consuming CPU, memory, or wall-clock time even with an allow-list, allowing resource exhaustion via unbounded for/range usage. The issue is mitigated in version 3.26.0, which docume...

7.1CVSS6.1AI score0.00331EPSS
Exploits0References3Affected Software1
nvd
nvd
added 2 days ago4 views

CVE-2026-47476

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause uncontrolled resource consumption. A successful exploit of this vulnerability might lead to denial of service...

7.5CVSS0.00343EPSS
Exploits0References2
cve
cve
added 2 days ago9 views

CVE-2026-24271

NVIDIA TensorRT-LLM’s OpenAI-compatible inference API (CVE-2026-24271) is vulnerable to unthrottled GPU resource allocation, potentially causing denial of service. The affected product is NVIDIA TensorRT-LLM; the issue stems from uncontrolled resource allocation within the inference API. The secu...

6.2CVSS6.1AI score0.0012EPSS
Exploits0References2
Rows per page
Query Builder