CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/05/27 12:0 a.m.•12 views

Amazon Linux 2 : soci-snapshotter, --advisory ALAS2DOCKER-2026-123 (ALASDOCKER-2026-123)

The version of soci-snapshotter installed on the remote host is prior to 0.13.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-123 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C...

Tenable Nessus•added 2026/05/27 12:0 a.m.•9 views

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2DOCKER-2026-122 (ALASDOCKER-2026-122)

The version of oci-add-hooks installed on the remote host is prior to 0-0.10.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-122 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a...

Tenable Nessus•added 2026/05/27 12:0 a.m.•9 views

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2ECS-2026-118 (ALASECS-2026-118)

The version of oci-add-hooks installed on the remote host is prior to 0-0.10.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-118 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a...

Tenable Nessus•added 2026/05/27 12:0 a.m.•9 views

Amazon Linux 2023 : credentials-fetcher (ALAS2023-2026-1744)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1744 advisory. crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a...

7.5CVSS7.4AI score0.00058EPSS

Exploits0References18

Tenable Nessus•added 2026/05/27 12:0 a.m.•11 views

Amazon Linux 2023 : nerdctl (ALAS2023-2026-1735)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1735 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...

OSV•added 2026/05/26 2:54 p.m.•5 views

SUSE-SU-2026:2079-1 Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues Security issues: - CVE-2026-33811: net: crash when handling long CNAME response bsc1264508. - CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1264506. - CVE-2026-39817: cmd/go: 'go tool...

7.5CVSS6AI score0.00058EPSS

Exploits0References25

Amazon•added 2026/05/26 12:0 a.m.•15 views

Important: docker

Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...

7.5CVSS7.4AI score0.00058EPSS

Amazon•added 2026/05/26 12:0 a.m.•9 views

Important: docker

Amazon•added 2026/05/26 12:0 a.m.•10 views

Important: runc

Amazon•added 2026/05/26 12:0 a.m.•11 views

Important: docker

Amazon•added 2026/05/26 12:0 a.m.•10 views

Important: credentials-fetcher

Issue Overview: crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames,...

7.5CVSS7.4AI score0.00058EPSS

Amazon•added 2026/05/26 12:0 a.m.•16 views

Important: golang

7.5CVSS7.6AI score0.00058EPSS

Amazon•added 2026/05/26 12:0 a.m.•18 views

Important: golang

7.5CVSS7.6AI score0.00058EPSS