Lucene search
+L

181 matches found

redhatcve
redhatcve
added 2026/06/26 1:3 a.m.6 views

CVE-2026-53191

A flaw was found in the Linux kernel's iouring networking component. During bundle receive retries, an issue with inheriting the IORINGCQEFBUFMORE flag can cause the userspace to incorrectly advance the ring head. This memory handling error could lead to information disclosure or potentially allo...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References4
osv
osv
added 2026/06/25 8:39 a.m.3 views

CVE-2026-53191 io_uring/net: inherit IORING_CQE_F_BUF_MORE across bundle recv retries

In the Linux kernel, the following vulnerability has been resolved: iouring/net: inherit IORINGCQEFBUFMORE across bundle recv retries When a bundle recv retries inside iorecvfinish, the merge logic OR the saved cflags from the previous iteration with the cflags returned by the new iteration: cfla...

7.8CVSS6AI score0.00138EPSS
Exploits0References7
debiancve
debiancve
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53191

In the Linux kernel, the following vulnerability has been resolved: iouring/net: inherit IORINGCQEFBUFMORE across bundle recv retries When a bundle recv retries inside iorecvfinish, the merge logic OR the saved cflags from the previous iteration with the cflags returned by the new iteration: cfla...

7.8CVSS5.9AI score0.00138EPSS
Exploits0
attackerkb
attackerkb
added 2026/06/25 8:39 a.m.7 views

CVE-2026-53191

In the Linux kernel, the following vulnerability has been resolved: iouring/net: inherit IORINGCQEFBUFMORE across bundle recv retries When a bundle recv retries inside iorecvfinish, the merge logic OR the saved cflags from the previous iteration with the cflags returned by the new iteration: cfla...

5.9AI score0.00138EPSS
Exploits0References5Affected Software1
cve
cve
added 2026/06/25 8:39 a.m.18 views

CVE-2026-53191

CVE-2026-53191 affects the Linux kernel io_uring/net path. In bundle recv retries (with incremental mode and provided buffer rings IOU_PBUF_RING_INC), a memory handling bug caused IORING_CQE_F_BUF_MORE to be dropped during flag merge, allowing the kernel to leave a stale BUF_MORE in carried flags...

7.8CVSS6AI score0.00138EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2026/06/25 8:39 a.m.30 views

CVE-2026-53191 io_uring/net: inherit IORING_CQE_F_BUF_MORE across bundle recv retries

In the Linux kernel, the following vulnerability has been resolved: iouring/net: inherit IORINGCQEFBUFMORE across bundle recv retries When a bundle recv retries inside iorecvfinish, the merge logic OR the saved cflags from the previous iteration with the cflags returned by the new iteration: cfla...

7.8CVSS0.00138EPSS
Exploits0References4
nessus
nessus
added 2026/06/25 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-54904

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::AtomicReferenceupdate can enter a permanent busy retry loop when the current...

8.2CVSS6AI score0.00278EPSS
Exploits1References3
nvd
nvd
added 2026/06/12 10:16 p.m.16 views

CVE-2026-53839

OpenClaw before 2026.5.7 contains a hostname validation vulnerability in retry endpoint checks that allows matching hostname prefixes instead of exact hostnames. Attackers can exploit this by crafting a hostname prefix resembling a trusted host to send authentication material to untrusted endpoin...

6.5CVSS0.00265EPSS
Exploits0References2
osv
osv
added 2026/06/11 7:19 a.m.17 views

MAL-2026-5605 Malicious code in chai-as-victimed (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b60cf728d4e2f5932f37d3e420649f6facc08959a8380a4724ec9e885b88754 Package name impersonates chai-as-promised but ships a remote-code dropper. lib/caller.js base64-decodes a hardcoded URL pointing to...

6.5AI score
Exploits0References1
snyk
snyk
added 2026/06/10 1:13 a.m.8 views

Improper Validation of Specified Quantity in Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the retrytopic-attempts header. An attacker can manipulate retry routing and backoff behavior by sending crafted headers with out-of-range attempt counts. Remediation Upgrade...

7.1CVSS5.3AI score0.0024EPSS
Exploits0References2
nvd
nvd
added 2026/06/09 5:16 a.m.45 views

CVE-2026-41710

An attacker can craft a large number of unique requests that trigger a failure, exhausting the capacity of the application-wide stateful retry cache. Once the cache is full, it permanently rejects any further updates, causing all later stateful retries and circuit breakers in the application to...

5.9CVSS0.0028EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/09 3:48 a.m.37 views

CVE-2026-41710 Cache Exhaustion in Stateful Retries leads to Denial of Service

An attacker can craft a large number of unique requests that trigger a failure, exhausting the capacity of the application-wide stateful retry cache. Once the cache is full, it permanently rejects any further updates, causing all later stateful retries and circuit breakers in the application to...

5.9CVSS0.0028EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/09 3:48 a.m.9 views

CVE-2026-41710 Cache Exhaustion in Stateful Retries leads to Denial of Service

An attacker can craft a large number of unique requests that trigger a failure, exhausting the capacity of the application-wide stateful retry cache. Once the cache is full, it permanently rejects any further updates, causing all later stateful retries and circuit breakers in the application to...

5.9CVSS5.5AI score0.0028EPSS
Exploits0References1
cve
cve
added 2026/06/09 3:48 a.m.54 views

CVE-2026-41710

The CVE-2026-41710 issue affects Spring Retry versions 2.0.0–2.0.12 and 1.3.0–1.3.4. An attacker can craft a large number of unique requests that trigger failures, exhausting the application-wide stateful retry cache. Once the cache is full, it permanently rejects further updates, causing all lat...

5.9CVSS5.5AI score0.0028EPSS
Exploits0References1
spring
spring
added 2026/06/08 12:0 a.m.9 views

cve-2026-41710 - MEDIUM - Cache Exhaustion in Stateful Retries leads to Denial of Service

cve-2026-41710 - MEDIUM - Cache Exhaustion in Stateful Retries leads to Denial of Service...

5.9CVSS6AI score0.0028EPSS
Exploits0
redhatcve
redhatcve
added 2026/06/05 7:26 p.m.10 views

CVE-2026-39383

Gotenberg is an API-based document conversion tool. In version 8.29.1, an unauthenticated attacker with network access can force the server to make outbound HTTP POST requests to arbitrary internal or external destinations by supplying a crafted URL in the Gotenberg-Webhook-Url request header. Th...

7.2CVSS5.7AI score0.00236EPSS
Exploits1References1
oraclelinux
oraclelinux
added 2026/06/01 12:0 a.m.17 views

httpd:2.4 security update

httpd 2.4.37-65.0.1.7 - Replace index.html with Oracle's index page oracleindex.html modhttp2 1.15.7-10.5 - Resolves: RHEL-166277 - httpd:2.4/httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 modmd 1:2.0.8-8.2 - Resolves: RHEL-134487 - httpd:2.4/httpd: Apache HTTP Server:...

9.8CVSS5.8AI score0.04409EPSS
Exploits1
nvd
nvd
added 2026/05/27 2:17 p.m.20 views

CVE-2026-46001

In the Linux kernel, the following vulnerability has been resolved: hwmon: pt5161l Fix bugs in pt5161lreadblockdata Fix two bugs in pt5161lreadblockdata: 1. Buffer overrun: The local buffer rbuf is declared as u8 rbuf24, but i2csmbusreadblockdata can return up to I2CSMBUSBLOCKMAX 32 bytes. The...

7.8CVSS0.00129EPSS
Exploits0References4
euvd
euvd
added 2026/05/27 12:55 p.m.14 views

EUVD-2026-32297

In the Linux kernel, the following vulnerability has been resolved: hwmon: pt5161l Fix bugs in pt5161lreadblockdata Fix two bugs in pt5161lreadblockdata: 1. Buffer overrun: The local buffer rbuf is declared as u8 rbuf24, but i2csmbusreadblockdata can return up to I2CSMBUSBLOCKMAX 32 bytes. The...

5.9AI score0.00129EPSS
Exploits0References4
nvd
nvd
added 2026/05/20 1:16 p.m.13 views

CVE-2026-5950

An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 throu...

5.3CVSS0.00551EPSS
Exploits1References4
Rows per page
Query Builder