Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

73327 matches found

Vulnrichment
Vulnrichmentadded 2026/05/11 5:14 p.m.3 views

CVE-2026-41257 jq: Signed-int overflow in `stack_reallocate` (jq VM stack)

jq is a command-line JSON processor. In 1.8.1 and earlier, the jq bytecode VM's data stack tracks its allocation size in a signed int. When the stack grows beyond ≈1 GiB via deeply nested generator forks, the doubling arithmetic overflows. The wrapped value is passed to realloc and then used for ...

7.3CVSS5.8AI score0.00013EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2026/05/11 5:14 p.m.5 views

CVE-2026-41257

jq is a command-line JSON processor. In 1.8.1 and earlier, the jq bytecode VM's data stack tracks its allocation size in a signed int. When the stack grows beyond ≈1 GiB via deeply nested generator forks, the doubling arithmetic overflows. The wrapped value is passed to realloc and then used for ...

7.3CVSS5.8AI score0.00013EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2026/05/11 5:14 p.m.26 views

CVE-2026-41257 jq: Signed-int overflow in `stack_reallocate` (jq VM stack)

jq is a command-line JSON processor. In 1.8.1 and earlier, the jq bytecode VM's data stack tracks its allocation size in a signed int. When the stack grows beyond ≈1 GiB via deeply nested generator forks, the doubling arithmetic overflows. The wrapped value is passed to realloc and then used for ...

7.3CVSS0.00013EPSS
Exploits1References1
AlpineLinux
AlpineLinuxadded 2026/05/11 5:14 p.m.8 views

CVE-2026-41257

jq is a command-line JSON processor. In 1.8.1 and earlier, the jq bytecode VM's data stack tracks its allocation size in a signed int. When the stack grows beyond ≈1 GiB via deeply nested generator forks, the doubling arithmetic overflows. The wrapped value is passed to realloc and then used for ...

7.3CVSS5.8AI score0.00013EPSS
Exploits1References1
EUVD
EUVDadded 2026/05/11 5:14 p.m.6 views

EUVD-2026-29163

jq is a command-line JSON processor. In 1.8.1 and earlier, the jq bytecode VM's data stack tracks its allocation size in a signed int. When the stack grows beyond ≈1 GiB via deeply nested generator forks, the doubling arithmetic overflows. The wrapped value is passed to realloc and then used for ...

7.3CVSS5.8AI score0.00013EPSS
Exploits1References1
CVE
CVEadded 2026/05/11 5:14 p.m.9 views

CVE-2026-41257

The CVE concerns jq (1.8.1 and earlier) where the bytecode VM’s data stack uses a signed int to track allocation size. When the stack grows beyond ~1 GiB (e.g., via deeply nested generator forks), the doubling arithmetic overflows, causing the wrapped value to be passed to realloc and then used f...

7.3CVSS5.8AI score0.00013EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/05/11 4:36 p.m.2 views

CVE-2026-44226

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, pyload-ng WebUI returns full Python traceback details to clients on unhandled exceptions. Because /web/ is reachable without authentication and renders attacker-controlled template names, an...

5.3CVSS5.8AI score0.00067EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2026/05/11 4:36 p.m.28 views

CVE-2026-44226 pyLoad: Unauthenticated traceback disclosure via global exception handler in WebUI

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, pyload-ng WebUI returns full Python traceback details to clients on unhandled exceptions. Because /web/ is reachable without authentication and renders attacker-controlled template names, an...

5.3CVSS0.00067EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2026/05/11 4:36 p.m.4 views

CVE-2026-44226 pyLoad: Unauthenticated traceback disclosure via global exception handler in WebUI

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, pyload-ng WebUI returns full Python traceback details to clients on unhandled exceptions. Because /web/ is reachable without authentication and renders attacker-controlled template names, an...

5.3CVSS5.8AI score0.00067EPSS
Exploits1References1
SUSE CVE
SUSE CVEadded 2026/05/11 2:16 p.m.6 views

SUSE CVE-2026-8258

A flaw has been found in Squirrel up to 3.2. Impacted is the function validateformat in the library sqstdlib/sqstdstring.cpp. Executing a manipulation can lead to stack-based buffer overflow. The attack can only be executed locally. The exploit has been published and may be used. The project was...

5.3CVSS6AI score0.00014EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2026/05/11 2:13 p.m.6 views

SUSE CVE-2026-43380

In the Linux kernel, the following vulnerability has been resolved: hwmon: pmbus/q54sj108a2 fix stack overflow in debugfs read The q54sj108a2debugfsread function suffers from a stack buffer overflow due to incorrect arguments passed to bin2hex. The function currently passes 'data' as the...

7.8CVSS6AI score0.00013EPSS
Exploits0References3
EUVD
EUVDadded 2026/05/11 3:31 a.m.8 views

EUVD-2026-29014

A flaw has been found in Squirrel up to 3.2. Impacted is the function validateformat in the library sqstdlib/sqstdstring.cpp. Executing a manipulation can lead to stack-based buffer overflow. The attack can only be executed locally. The exploit has been published and may be used. The project was...

5.3CVSS6.2AI score0.00014EPSS
Exploits0References6
NVD
NVDadded 2026/05/11 2:16 a.m.10 views

CVE-2026-8258

A flaw has been found in Squirrel up to 3.2. Impacted is the function validateformat in the library sqstdlib/sqstdstring.cpp. Executing a manipulation can lead to stack-based buffer overflow. The attack can only be executed locally. The exploit has been published and may be used. The project was...

5.3CVSS0.00014EPSS
Exploits0References5
OSV
OSVadded 2026/05/11 2:16 a.m.2 views

DEBIAN-CVE-2026-8258

A flaw has been found in Squirrel up to 3.2. Impacted is the function validateformat in the library sqstdlib/sqstdstring.cpp. Executing a manipulation can lead to stack-based buffer overflow. The attack can only be executed locally. The exploit has been published and may be used. The project was...

4.8CVSS6.2AI score0.00014EPSS
Exploits0References1
Snyk
Snykadded 2026/05/11 2:13 a.m.5 views

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow in the validateformat function. An attacker can execute arbitrary code or cause a denial of service by providing specially crafted input that triggers a stack-based buffer overflow. Remediation A fix was push...

5.3CVSS6.7AI score0.00014EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/11 12:45 a.m.31 views

CVE-2026-8258 Squirrel sqstdstring.cpp validate_format stack-based overflow

A flaw has been found in Squirrel up to 3.2. Impacted is the function validateformat in the library sqstdlib/sqstdstring.cpp. Executing a manipulation can lead to stack-based buffer overflow. The attack can only be executed locally. The exploit has been published and may be used. The project was...

5.3CVSS0.00014EPSS
Exploits0References5
Debian CVE
Debian CVEadded 2026/05/11 12:45 a.m.3 views

CVE-2026-8258

A flaw has been found in Squirrel up to 3.2. Impacted is the function validateformat in the library sqstdlib/sqstdstring.cpp. Executing a manipulation can lead to stack-based buffer overflow. The attack can only be executed locally. The exploit has been published and may be used. The project was...

5.3CVSS6.2AI score0.00014EPSS
Exploits0
ATTACKERKB
ATTACKERKBadded 2026/05/11 12:45 a.m.2 views

CVE-2026-8258

A flaw has been found in Squirrel up to 3.2. Impacted is the function validateformat in the library sqstdlib/sqstdstring.cpp. Executing a manipulation can lead to stack-based buffer overflow. The attack can only be executed locally. The exploit has been published and may be used. The project was...

5.3CVSS6.2AI score0.00014EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/05/11 12:45 a.m.4 views

CVE-2026-8258 Squirrel sqstdstring.cpp validate_format stack-based overflow

A flaw has been found in Squirrel up to 3.2. Impacted is the function validateformat in the library sqstdlib/sqstdstring.cpp. Executing a manipulation can lead to stack-based buffer overflow. The attack can only be executed locally. The exploit has been published and may be used. The project was...

5.3CVSS6.2AI score0.00014EPSS
Exploits0References5
CVE
CVEadded 2026/05/11 12:45 a.m.24 views

CVE-2026-8258

CVE-2026-8258 affects Squirrel (up to 3.2), specifically the validate_format function in sqstdlib/sqstdstring.cpp, which can cause a stack-based buffer overflow via local manipulation. The vulnerability is local-exploitable; an exploit has been published and may be used. No remediation details ar...

5.3CVSS6.2AI score0.00014EPSS
Exploits0References5
Rows per page
Query Builder