Lucene search
K

7 matches found

NVD
NVD
added 2026/07/01 3:17 p.m.9 views

CVE-2026-6682

In FatFS R0.16 and earlier contains a FAT32 integer overflow bug in mountvolume where fasize = fs-nfats can wrap, leading to attacker-controlled file-size metadata and unsafe read lengths in downstream callers. This maps to CWE-190 Integer Overflow or Wraparound. Estimated CVSS v3.1 vector:...

7.6CVSS0.0021EPSS
Exploits2References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.9 views

CVE-2026-49140

Nanobot prior to version 0.2.1 contains a denial of service vulnerability in the Matrix channel media download handler that allows authenticated room members to exhaust process memory and bandwidth by sending media events with missing or invalid size metadata. Attackers can send multiple concurre...

5.3CVSS5.5AI score0.00268EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/01 7:54 p.m.9 views

CVE-2026-49140 Nanobot < 0.2.1 Denial of Service via Matrix Media Download Handler

Nanobot prior to version 0.2.1 contains a denial of service vulnerability in the Matrix channel media download handler that allows authenticated room members to exhaust process memory and bandwidth by sending media events with missing or invalid size metadata. Attackers can send multiple concurre...

5.3CVSS5.8AI score0.00268EPSS
Exploits0References4
CVE
CVE
added 2026/06/01 7:54 p.m.28 views

CVE-2026-49140

Nanobot before version 0.2.1 contains a denial-of-service vulnerability in the Matrix channel media download handler. Authenticated room members can trigger large, concurrent media downloads by sending media events with missing or invalid size metadata, causing response bodies to materialize befo...

5.3CVSS5.8AI score0.00268EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.16 views

PT-2026-45562

Nanobot prior to version 0.2.1 contains a denial of service vulnerability in the Matrix channel media download handler that allows authenticated room members to exhaust process memory and bandwidth by sending media events with missing or invalid size metadata. Attackers can send multiple concurre...

5.3CVSS5.8AI score0.00268EPSS
Exploits0References5
Snyk
Snyk
added 2026/04/10 3:35 p.m.5 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the import process. An attacker can exhaust server storage and potentially cause service disruption by uploading compressed zip files containing files that exceed the configur...

7.1CVSS5.8AI score0.00338EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/10 3:35 p.m.6 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the import process. An attacker can exhaust server storage and potentially cause service disruption by uploading compressed zip files containing files that exceed the configur...

7.1CVSS5.8AI score0.00338EPSS
Exploits1References2
Rows per page
Query Builder