CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/05/20 9:20 a.m.•9 views

CVE-2026-42959

CVE-2026-42959 affects NLnet Labs Unbound up to version 1.25.0. The vulnerability lies in the DNSSEC validator: while constructing chase-reply messages, the code uses the wrong counter to calculate write offsets for ADDITIONAL section rrsets. This, combined with DNAME duplication increasing the A...

8.7CVSS5.8AI score0.00058EPSS

Exploits0References1Affected Software1

EUVD•added 2026/05/20 9:20 a.m.•5 views

EUVD-2026-31084

8.7CVSS5.8AI score0.00058EPSS

Cvelist•added 2026/05/20 9:20 a.m.•32 views

CVE-2026-42959 Crash during DNSSEC validation of malicious content

8.7CVSS0.00058EPSS

RedhatCVE•added 2026/04/16 7:22 p.m.•0 views

CVE-2026-32605

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, an untrusted peer could crash a validator by publishing a signed tendermint proposal message where signer == validators.numvalidators...

CVE•added 2026/04/13 6:54 p.m.•3 views

CVE-2026-32605

The CVE concerns the Rust implementation of Nimiq PoS (nimiq/core-rs-albatross). Before version 1.3.0, an untrusted peer could crash a validator by publishing a signed tendermint proposal where signer == validators.num_validators(); the code uses ProposalSender::send with a > bound check inste...

Exploits0References4Affected Software1

ATTACKERKB•added 2026/04/13 6:54 p.m.•2 views

CVE-2026-32605

Exploits0References5Affected Software1

EUVD•added 2026/04/13 6:54 p.m.•1 views

EUVD-2026-22061

Cvelist•added 2026/04/13 6:54 p.m.•19 views

CVE-2026-32605 Nimiq: Remote crash via off-by-one signer bounds check in proposal buffer

7.5CVSS0.00017EPSS

Positive Technologies•added 2026/04/13 12:0 a.m.•1 views

PT-2026-32505

NVD•added 2026/02/27 10:16 p.m.•5 views

Exploits0References6

CVE-2026-28402

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.2.2, a malicious or compromised validator that is elected as proposer can publish a macro block proposal where header.bodyroot does not match the...

7.1CVSS0.00009EPSS

Vulnrichment•added 2026/02/27 9:8 p.m.•0 views

CVE-2026-28402 nimiq/core-rs-albatross's nimiq-blockchain missing proposal body root verification

7.1CVSS6AI score0.00009EPSS

OSV•added 2026/02/27 9:8 p.m.•1 views

CVE-2026-28402 nimiq/core-rs-albatross's nimiq-blockchain missing proposal body root verification

7.1CVSS6AI score0.00009EPSS

Exploits0References6

CNNVD•added 2026/02/27 12:0 a.m.•2 views

core-rs-albatross 安全漏洞

core-rs-albatross is a Rust implementation of the Albatross protocol developed by Nimiq. Versions prior to 1.2.2 of core-rs-albatross contained a security vulnerability. This vulnerability stemmed from the lack of checks during the macro block proposal validation process, which did not verify the...

7.1CVSS5.8AI score0.00009EPSS

Exploits0References5

RedhatCVE•added 2026/02/14 1:28 a.m.•3 views

CVE-2025-70955

A Stack Overflow vulnerability was discovered in the TON Virtual Machine TVM before v2024.10. The vulnerability stems from the improper handling of vmstate and continuation jump instructions, which allow for continuous dynamic tail calls. An attacker can exploit this by crafting a smart contract...

7.5CVSS5.9AI score0.00026EPSS

RedhatCVE•added 2026/02/14 1:28 a.m.•3 views

CVE-2025-70954

A Null Pointer Dereference vulnerability exists in the TON Virtual Machine TVM within the TON Blockchain before v2025.06. The issue is located in the execution logic of the INMSGPARAM instruction, where the program fails to validate if a specific pointer is null before accessing it. By sending a...

7.5CVSS5.8AI score0.0003EPSS

NVD•added 2026/02/13 10:16 p.m.•3 views

CVE-2025-70955

7.5CVSS0.00026EPSS

OSV•added 2026/02/13 10:16 p.m.•4 views

CVE-2025-70955

7.5CVSS5.9AI score