Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

100 matches found

RedhatCVE
RedhatCVEadded 2026/04/30 8:48 p.m.2 views

CVE-2025-60889

Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 under certain conditions may allow attackers to execute arbitrary code or other unspecified impacts...

9.8CVSS6AI score0.00077EPSS
Exploits1References1
EUVD
EUVDadded 2026/04/28 12:0 a.m.2 views

EUVD-2025-209583

Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 under certain conditions may allow attackers to execute arbitrary code or other unspecified impacts...

6AI score0.00077EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2026/04/28 12:0 a.m.2 views

CVE-2025-60889

Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 under certain conditions may allow attackers to execute arbitrary code or other unspecified impacts...

6AI score0.00077EPSS
Exploits1References3
RedhatCVE
RedhatCVEadded 2026/03/08 1:44 a.m.4 views

CVE-2026-29795

stellar-xdr is a library and CLI containing types and functionality for working with Stellar XDR. Prior to version 25.0.1, StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns a...

7.5CVSS5.8AI score0.00032EPSS
Exploits0References1
NVD
NVDadded 2026/03/06 9:16 p.m.1 views

CVE-2026-29795

stellar-xdr is a library and CLI containing types and functionality for working with Stellar XDR. Prior to version 25.0.1, StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns a...

7.5CVSS0.00032EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/03/06 8:42 p.m.1 views

CVE-2026-29795

stellar-xdr is a library and CLI containing types and functionality for working with Stellar XDR. Prior to version 25.0.1, StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns a...

4CVSS5.8AI score0.00032EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2026/03/06 8:42 p.m.17 views

CVE-2026-29795 stellar-xdr: `StringM::from_str` bypasses max length validation

stellar-xdr is a library and CLI containing types and functionality for working with Stellar XDR. Prior to version 25.0.1, StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns a...

4CVSS0.00032EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/03/06 8:42 p.m.2 views

CVE-2026-29795 stellar-xdr: `StringM::from_str` bypasses max length validation

stellar-xdr is a library and CLI containing types and functionality for working with Stellar XDR. Prior to version 25.0.1, StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns a...

4CVSS5.8AI score0.00032EPSS
Exploits0References4
OSV
OSVadded 2026/03/06 8:42 p.m.2 views

CVE-2026-29795 stellar-xdr: `StringM::from_str` bypasses max length validation

stellar-xdr is a library and CLI containing types and functionality for working with Stellar XDR. Prior to version 25.0.1, StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns a...

4CVSS5.8AI score0.00032EPSS
Exploits0References6
CVE
CVEadded 2026/03/06 8:42 p.m.7 views

CVE-2026-29795

CVE-2026-29795 affects the stellar-xdr crate (StringM::from_str bypasses the max length validation). Affected: versions prior to 25.0.1. Root cause: input strings longer than MAX are accepted, producing StringM with violated length invariant. Impact: potential propagation through serialization/va...

7.5CVSS5.8AI score0.00032EPSS
Exploits0References4Affected Software1
CNNVD
CNNVDadded 2026/03/06 12:0 a.m.2 views

stellar-xdr 安全漏洞

Stellar-xdr is an open-source data format processing library developed by Stellar. Versions of Stellar-xdr prior to 25.0.1 contained security vulnerabilities. These vulnerabilities stemmed from StringM::fromstr not verifying that the input length was within the declared maximum value, allowing fo...

7.5CVSS5.8AI score0.00032EPSS
Exploits0References5
OSV
OSVadded 2026/03/05 8:45 p.m.2 views

GHSA-X57H-XX53-V53W stellar-xdr's StringM::from_str bypasses max length validation

Impact StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns an Ok value instead of ErrError::LengthExceedsMax, producing a StringM that violates its length invariant. This affec...

4CVSS6AI score0.00032EPSS
Exploits0References6
Github Security Blog
Github Security Blogadded 2026/03/05 8:45 p.m.4 views

stellar-xdr's StringM::from_str bypasses max length validation

Impact StringM::fromstr does not validate that the input length is within the declared maximum MAX. Calling StringM::::fromstrs where s is longer than N bytes succeeds and returns an Ok value instead of ErrError::LengthExceedsMax, producing a StringM that violates its length invariant. This affec...

7.5CVSS6AI score0.00032EPSS
Exploits0References6Affected Software1
vulnersOsv
vulnersOsvadded 2025/10/15 7:43 p.m.5 views

@nasa-jpl/stellar-svelte (>=2.1.9 <=2.1.10), @scouterdev/ui (=0.0.1) +2 more potentially affected by CVE-2025-62381 via sveltekit-superforms (>=2.16.1 <=2.27.1)

sveltekit-superforms NPM version =2.16.1, =2.1.9, =1.3.0, =0.0.2-dev.80, =1.0.9 Source cves: CVE-2025-62381 Source advisory: SNYK:JS-SVELTEKITSUPERFORMS-13559331...

8.3CVSS5.8AI score0.01006EPSS
Exploits0
EUVD
EUVDadded 2025/10/07 12:30 a.m.5 views

EUVD-2019-7469

Malware in sbrugna...

7.5CVSS7.5AI score0.00148EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2002-0907

Malware in sbrugna...

7.5CVSS6.4AI score0.02682EPSS
Exploits0References6
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2021-1444

Malware in sbrugna...

6.5CVSS6.4AI score0.00069EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2024-30730

Malicious code in bioql PyPI...

5.9CVSS6.6AI score0.00273EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2023-2655

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00168EPSS
Exploits1References7
Vulnrichment
Vulnrichmentadded 2025/07/16 6:34 a.m.2 views

CVE-2025-52690 Command Injection Vulnerability in the OmniAccess Stellar over UDP Service

Successful exploitation of the vulnerability could allow an attacker to execute arbitrary commands as root, potentially leading to the loss of confidentiality, integrity, availability, and full control of the access point...

8.1CVSS7.4AI score0.00522EPSS
Exploits0References3
Rows per page
Query Builder