Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

364 matches found

Tenable Nessus
Tenable Nessusadded 2026/06/09 12:0 a.m.10 views

EulerOS 2.0 SP11 : avahi (EulerOS-SA-2026-2197)

According to the versions of the avahi packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below,...

6.5CVSS5.5AI score0.00252EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/06/08 4:34 p.m.10 views

CVE-2026-43974

A flaw was found in gun. A malicious HTTP server can exploit this vulnerability by sending an unsolicited '101 Switching Protocols' response to a gun client. This action forces the client into a raw protocol mode, allowing the server to flood the client with arbitrary data. This uncontrolled data...

8.7CVSS5.6AI score0.00381EPSS
Exploits0References2
NVD
NVDadded 2026/06/08 3:16 p.m.13 views

CVE-2026-43974

Unexpected Status Code or Return Value vulnerability in ninenines gun gunhttp module allows a malicious HTTP server to force the client into raw protocol mode via an unsolicited 101 Switching Protocols response. In gunhttp:handleinform/8, when a 101 Switching Protocols response is received over...

8.7CVSS0.00381EPSS
Exploits0References3
EUVD
EUVDadded 2026/06/08 2:12 p.m.7 views

EUVD-2026-35072

Unexpected Status Code or Return Value vulnerability in ninenines gun gunhttp module allows a malicious HTTP server to force the client into raw protocol mode via an unsolicited 101 Switching Protocols response. In gunhttp:handleinform/8, when a 101 Switching Protocols response is received over...

8.7CVSS5.6AI score0.00381EPSS
Exploits0References3
CVE
CVEadded 2026/06/08 2:12 p.m.17 views

CVE-2026-43974

The CVE concerns the gun_http module of the Erlang-based Gun library (gun_http) in the Gun HTTP client. Affected versions: Gun 2.0.0 up to but not including 2.4.0. Root cause: when a 101 Switching Protocols response arrives over HTTP/1.1, Gun only validates the Upgrade header syntax and the strea...

8.7CVSS5.6AI score0.00381EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/06/08 2:12 p.m.36 views

CVE-2026-43974 gun HTTP/1.1 client accepts unsolicited 101 Switching Protocols response allowing server-driven protocol hijack and OOM

Unexpected Status Code or Return Value vulnerability in ninenines gun gunhttp module allows a malicious HTTP server to force the client into raw protocol mode via an unsolicited 101 Switching Protocols response. In gunhttp:handleinform/8, when a 101 Switching Protocols response is received over...

8.7CVSS0.00381EPSS
Exploits0References3
OSV
OSVadded 2026/06/08 2:12 p.m.6 views

EEF-CVE-2026-43974 gun HTTP/1.1 client accepts unsolicited 101 Switching Protocols response allowing server-driven protocol hijack and OOM

Summary Unexpected Status Code or Return Value vulnerability in ninenines gun gunhttp module allows a malicious HTTP server to force the client into raw protocol mode via an unsolicited 101 Switching Protocols response. In gunhttp:handleinform/8, when a 101 Switching Protocols response is receive...

8.7CVSS5.6AI score0.00381EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/06/08 12:0 a.m.13 views

Amazon Linux 2 : rclone, --advisory ALAS2-2026-3348 (ALAS-2026-3348)

The version of rclone installed on the remote host is prior to 1.55.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3348 advisory. The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively...

9.1CVSS5.7AI score0.00313EPSS
Exploits0References12
Tenable Nessus
Tenable Nessusadded 2026/06/08 12:0 a.m.8 views

Amazon Linux 2023 : runfinch-finch (ALAS2023-2026-1809)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1809 advisory. An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected...

10CVSS5.8AI score0.00392EPSS
Exploits0References28
Tenable Nessus
Tenable Nessusadded 2026/06/08 12:0 a.m.6 views

Amazon Linux 2023 : containerd, containerd-stress (ALAS2023-2026-1784)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1784 advisory. An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected...

10CVSS7AI score0.00392EPSS
Exploits0References28
Tenable Nessus
Tenable Nessusadded 2026/06/08 12:0 a.m.9 views

Amazon Linux 2 : containerd, --advisory ALAS2NITRO-ENCLAVES-2026-109 (ALASNITRO-ENCLAVES-2026-109)

The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-109 advisory. An authenticated SSH client that repeatedly opened channels which were rejected by the server caused...

10CVSS7AI score0.00392EPSS
Exploits0References28
Amazon
Amazonadded 2026/06/08 12:0 a.m.11 views

Important: docker

Issue Overview: The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated client...

10CVSS5.6AI score0.00319EPSS
Exploits0
Amazon
Amazonadded 2026/06/08 12:0 a.m.15 views

Important: nerdctl

Issue Overview: Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt ...

10CVSS6.1AI score0.00392EPSS
Exploits0
Amazon
Amazonadded 2026/06/08 12:0 a.m.10 views

Important: containerd

Issue Overview: An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state a...

10CVSS5.8AI score0.00392EPSS
Exploits0
Amazon
Amazonadded 2026/06/08 12:0 a.m.13 views

Important: nerdctl

Issue Overview: Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt ...

10CVSS6.1AI score0.00392EPSS
Exploits0
Tenable Nessus
Tenable Nessusadded 2026/06/08 12:0 a.m.5 views

Amazon Linux 2 : runfinch-finch, --advisory ALAS2DOCKER-2026-128 (ALASDOCKER-2026-128)

The version of runfinch-finch installed on the remote host is prior to 1.17.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-128 advisory. An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounde...

10CVSS5.8AI score0.00392EPSS
Exploits0References28
Tenable Nessus
Tenable Nessusadded 2026/06/08 12:0 a.m.7 views

Amazon Linux 2023 : nerdctl (ALAS2023-2026-1788)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1788 advisory. Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 Parsing arbitrary HTML which is then rendered using Render can result in an...

10CVSS6.1AI score0.00392EPSS
Exploits0References40
Amazon
Amazonadded 2026/06/08 12:0 a.m.5 views

Important: containerd

Issue Overview: An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state a...

10CVSS5.8AI score0.00392EPSS
Exploits0
Amazon
Amazonadded 2026/06/08 12:0 a.m.13 views

Important: rclone

Issue Overview: Parsing a malicious font file can cause excessive memory allocation. CVE-2026-33812 An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected user...

10CVSS5.8AI score0.00392EPSS
Exploits0
Amazon
Amazonadded 2026/06/08 12:0 a.m.16 views

Important: runfinch-finch

Issue Overview: An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state a...

10CVSS5.8AI score0.00392EPSS
Exploits0
Rows per page
Query Builder