EUVD-2026-19351

vLLM is an inference and serving engine for large language models LLMs. From 0.1.0 to before 0.19.0, a Denial of Service vulnerability exists in the vLLM OpenAI-compatible API server. Due to the lack of an upper bound validation on the n parameter in the ChatCompletionRequest and CompletionReques...

PT-2025-37315

Name of the Vulnerable Software and Affected Versions: httpsig-rs versions prior to 0.0.19 Description: httpsig-rs is a Rust implementation of IETF RFC 9421 http message signatures. The HMAC signature comparison is not timing-safe in versions prior to 0.0.19, potentially allowing an attacker to...

CVE-2019-10226

HTML Injection has been discovered in the v0.19.0 version of the Fat Free CRM product via an authenticated request to the /comments URI. NOTE: the vendor disputes the significance of this report because some HTML formatting such as with an H1 element is allowed, but there is a XSS protection...

OpenSC Memory Leak Vulnerability

OpenSC is an open source smart card tool and middleware. A security vulnerability exists in the 'sccontextcreate' function in the ctx.c file of libopensc in OpenSC version 0.19.0. An attacker can exploit this vulnerability to cause a denial of service memory leak...