CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/05/27 12:0 a.m.•8 views

PT-2026-44008

Name of the Vulnerable Software and Affected Versions Gradio versions prior to 6.15.0 Description A cookie injection issue exists due to a shared module-level HTTP client used across all users in the reverse proxy endpoint. This allows remote attackers who control any HF Space to return a...

7.6CVSS5.9AI score0.00042EPSS

Exploits0References7

Tenable Nessus•added 2026/05/27 12:0 a.m.•7 views

Amazon Linux 2 : containerd, --advisory ALAS2ECS-2026-116 (ALASECS-2026-116)

The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-116 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory an...

Tenable Nessus•added 2026/05/27 12:0 a.m.•6 views

Amazon Linux 2 : docker, --advisory ALAS2ECS-2026-115 (ALASECS-2026-115)

The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-115 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and ...

Tenable Nessus•added 2026/05/27 12:0 a.m.•11 views

Amazon Linux 2023 : oci-add-hooks (ALAS2023-2026-1739)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1739 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...

Tenable Nessus•added 2026/05/27 12:0 a.m.•7 views

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2DOCKER-2026-122 (ALASDOCKER-2026-122)

The version of oci-add-hooks installed on the remote host is prior to 0-0.10.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-122 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a...

Tenable Nessus•added 2026/05/27 12:0 a.m.•9 views

Amazon Linux 2 : soci-snapshotter, --advisory ALAS2DOCKER-2026-123 (ALASDOCKER-2026-123)

The version of soci-snapshotter installed on the remote host is prior to 0.13.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-123 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C...

Tenable Nessus•added 2026/05/27 12:0 a.m.•9 views

Amazon Linux 2023 : docker (ALAS2023-2026-1736)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1736 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...

7.5CVSS6AI score0.00054EPSS

Tenable Nessus•added 2026/05/27 12:0 a.m.•8 views

Amazon Linux 2 : golist, --advisory ALAS2-2026-3308 (ALAS-2026-3308)

The version of golist installed on the remote host is prior to 0.10.1-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3308 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a...

7.5CVSS7.4AI score0.00054EPSS

Tenable Nessus•added 2026/05/27 12:0 a.m.•7 views

Amazon Linux 2023 : credentials-fetcher (ALAS2023-2026-1744)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1744 advisory. crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a...

7.5CVSS7.4AI score0.00054EPSS

Exploits0References18

Tenable Nessus•added 2026/05/27 12:0 a.m.•8 views

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2ECS-2026-118 (ALASECS-2026-118)

The version of oci-add-hooks installed on the remote host is prior to 0-0.10.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-118 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a...

Tenable Nessus•added 2026/05/27 12:0 a.m.•10 views

Amazon Linux 2023 : nerdctl (ALAS2023-2026-1735)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1735 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...

OSV•added 2026/05/26 2:54 p.m.•4 views

SUSE-SU-2026:2079-1 Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues Security issues: - CVE-2026-33811: net: crash when handling long CNAME response bsc1264508. - CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1264506. - CVE-2026-39817: cmd/go: 'go tool...

7.5CVSS6AI score0.00054EPSS

Exploits0References25

Amazon•added 2026/05/26 12:0 a.m.•9 views

Important: docker

Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...

Amazon•added 2026/05/26 12:0 a.m.•10 views

Important: runc

Amazon•added 2026/05/26 12:0 a.m.•13 views

Important: docker

7.5CVSS7.4AI score0.00054EPSS