CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

33 matches found

SUSE CVE•added 2026/03/12 8:52 a.m.•1 views

SUSE CVE-2026-31870

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.1, when a cpp-httplib client uses the streaming API httplib::stream::Get, httplib::stream::Post, etc., the library calls std::stoull directly on the Content-Length header value received from the server...

7.5CVSS5.6AI score0.00116EPSS

Exploits1References3

RedHat Linux•added 2026/02/16 4:52 p.m.•2 views

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

8.9CVSS5.8AI score0.00032EPSS

Exploits0References6

SUSE CVE•added 2026/02/05 12:24 a.m.•2 views

SUSE CVE-2026-23107

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA The code to restore a ZA context doesn't attempt to allocate the task's svestate before setting TIFSME. Consequently, restoring a ZA context can place a task into an...

5.5CVSS5.4AI score0.00018EPSS

Exploits0References19

UbuntuCve•added 2026/02/04 5:16 p.m.•2 views

CVE-2026-23102

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Fix restoration of SVE context When SME is supported, Restoring SVE signal context can go wrong in a few ways, including placing the task into an invalid state where the kernel may read from out-of-bounds...

7.1CVSS5.8AI score0.00018EPSS

Exploits0References10

RedHat Linux•added 2026/02/03 7:21 a.m.•1 views

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

8.9CVSS5.8AI score0.00032EPSS

Exploits0References6

RedHat Linux•added 2026/02/02 12:38 p.m.•3 views

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

8.9CVSS5.8AI score0.00032EPSS

Exploits0References6

RedHat Linux•added 2026/01/26 6:1 p.m.•1 views

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

8.9CVSS5.8AI score0.00032EPSS

Exploits0References6

AlpineLinux•added 2026/01/07 10:9 p.m.•5 views

CVE-2026-21441

8.9CVSS6.6AI score0.00032EPSS

Exploits0References3

Positive Technologies•added 2026/01/01 12:0 a.m.•2 views

PT-2026-6172

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the arm64/fpsimd component related to the restoration of SVE context when SME is supported. Restoring SVE signal context can lead to an invalid state,...

7.1CVSS5.4AI score0.00018EPSS

Exploits0

SUSE CVE•added 2025/12/16 12:23 a.m.•1 views

SUSE CVE-2025-64443

MCP Gateway allows easy and secure running and deployment of MCP servers. In versions 0.27.0 and earlier, when MCP Gateway runs in sse or streaming transport mode, it is vulnerable to DNS rebinding. An attacker who can get a victim to visit a malicious website or be served a malicious advertiseme...

9.6CVSS6.9AI score0.00015EPSS

Exploits0References2

OSV•added 2025/12/08 9:31 p.m.•2 views

GO-2025-4179 Docker MCP Plugin and Docker MCP Gateway have DNS Rebinding vulnerability when running in sse or streaming mode in github.com/docker/mcp-gateway

Docker MCP Plugin and Docker MCP Gateway have DNS Rebinding vulnerability when running in sse or streaming mode in github.com/docker/mcp-gateway...

9.6CVSS6.9AI score0.00015EPSS

Exploits0References6

RedhatCVE•added 2025/12/05 8:32 p.m.•5 views

CVE-2025-64443

7.3CVSS6.8AI score0.00015EPSS

Exploits0References1

Cvelist•added 2025/12/03 5:41 p.m.•12 views

CVE-2025-64443 DNS Rebinding vulnerability present when running MCP Gateway in sse or streaming mode

7.3CVSS0.00015EPSS

Exploits0References2

EUVD•added 2025/12/03 5:41 p.m.•2 views

EUVD-2025-200985

7.3CVSS6.2AI score0.00015EPSS

Exploits0References7

CVE•added 2025/12/03 5:41 p.m.•6 views

CVE-2025-64443

CVE-2025-64443 details a DNS rebinding vulnerability in MCP Gateway when running in the sse/streaming transport modes . Affected are MCP Gateway versions

9.6CVSS6.4AI score0.00015EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2025/12/03 5:41 p.m.•1 views

CVE-2025-64443 DNS Rebinding vulnerability present when running MCP Gateway in sse or streaming mode

7.3CVSS6.4AI score0.00015EPSS

Exploits0References2

OSV•added 2025/12/03 5:41 p.m.•3 views

CVE-2025-64443 DNS Rebinding vulnerability present when running MCP Gateway in sse or streaming mode

7.3CVSS6.7AI score0.00015EPSS

Exploits0References4

Snyk•added 2025/12/03 4:7 p.m.•1 views

Exposed Dangerous Method or Function

Overview Affected versions of this package are vulnerable to Exposed Dangerous Method or Function via the sse or streaming transport modes. An attacker can gain unauthorized access to internal resources by tricking a victim into visiting a malicious website or serving a malicious advertisement...

8.3CVSS6.9AI score0.00015EPSS

Exploits0References2

Snyk•added 2025/12/03 4:7 p.m.•1 views

Exposed Dangerous Method or Function

8.3CVSS6.9AI score0.00015EPSS

Exploits0References2

Snyk•added 2025/12/03 4:7 p.m.•1 views

Exposed Dangerous Method or Function

8.3CVSS6.9AI score0.00015EPSS

Exploits0References2

Rows per page