Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

NVD
NVDadded 2026/04/24 6:16 p.m.1 views

CVE-2026-42036

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, when responseType: 'stream' is used, Axios returns the response stream without enforcing maxContentLength. This bypasses configured response-size limits and allows unbounded downstream consumption. This...

5.3CVSS0.00023EPSS
Exploits1References1
SUSE CVE
SUSE CVEadded 2026/04/11 9:26 a.m.1 views

SUSE CVE-2026-2581

This is an uncontrolled resource consumption vulnerability CWE-400 that can lead to Denial of Service DoS. In vulnerable Undici versions, when interceptors.deduplicate is enabled, response data for deduplicated requests could be accumulated in memory for downstream handlers. An attacker-controlle...

5.9CVSS7AI score0.0002EPSS
Exploits0References4
Github Security Blog
Github Security Blogadded 2026/03/13 8:37 p.m.3 views

Undici has Unbounded Memory Consumption in its DeduplicationHandler via Response Buffering that leads to DoS

Impact This is an uncontrolled resource consumption vulnerability CWE-400 that can lead to Denial of Service DoS. In vulnerable Undici versions, when interceptors.deduplicate is enabled, response data for deduplicated requests could be accumulated in memory for downstream handlers. An...

5.9CVSS5.7AI score0.0002EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVEadded 2026/03/12 8:13 p.m.1 views

CVE-2026-2581

This is an uncontrolled resource consumption vulnerability CWE-400 that can lead to Denial of Service DoS. In vulnerable Undici versions, when interceptors.deduplicate is enabled, response data for deduplicated requests could be accumulated in memory for downstream handlers. An attacker-controlle...

5.9CVSS7AI score0.0002EPSS
Exploits0
OSV
OSVadded 2026/01/19 11:57 a.m.2 views

USN-7955-2 python-urllib3 regression

USN-7955-1 fixed vulnerabilities in urllib3. The update introduced a regression in response streaming on Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that urllib3 incorrectly handled...

8.9CVSS6.7AI score0.00032EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/02/05 2:21 a.m.6 views

CVE-2024-24556

urql is a GraphQL client that exposes a set of helpers for several frameworks. The @urql/next package is vulnerable to XSS. To exploit this an attacker would need to ensure that the response returns html tags and that the web-application is using streamed responses non-RSC. This vulnerability is...

7.2CVSS6.9AI score0.00473EPSS
Exploits0References1
n0where
n0whereadded 2016/09/06 4:55 p.m.28 views

Intercepting Proxy for Performing Web Application Security Testing: The Pappy Proxy

Intercepting Proxy for Performing Web application security testing The Pappy P roxy A ttack P roxy P rox Y Proxy is an intercepting proxy for performing web application security testing. Its features are often similar, or straight up rippoffs from Burp Suite . However, Burp Suite is neither open...

7.2AI score
Exploits0References2
Rows per page
Query Builder