206519 matches found
CVE-2026-12590
A flaw was found in body-parser. When the parser is configured with an invalid limit option, such as an unparseable string or a non-numeric value, the request body size check is bypassed. This allows a remote attacker to send arbitrarily large payloads, consuming excessive memory and CPU resource...
CVE-2026-53655
A flaw was found in node-tar. This vulnerability arises because node-tar incorrectly applies PAX extended header size records to subsequent intermediary metadata headers, leading to a desynchronization of the tar stream cursor compared to other standard tar implementations. A remote attacker coul...
CVE-2026-15308
A flaw was found in Python. Its incremental HTML parser can be exploited by a remote attacker. By sending specially crafted, uncontrolled data with repeated, incomplete markup declarations, the attacker can cause the system to consume excessive central processing unit CPU resources. This leads to...
CVE-2026-56362
A heap-buffer-overflow read in ImageMagick's OpenPixelCache occurs when image channel metadata updates before memory allocation. Attackers can trigger this via memory and disk allocation failures to disclose sensitive information. Mitigation Isolate ImageMagick tasks by running them inside...
CVE-2026-56374
A heap buffer overflow vulnerability exists in ImageMagick and Magick.NET's FTXT encoder due to missing boundary checks for the ftxt:format parameter. A remote attacker could exploit this using a specially crafted FTXT image to cause a denial of service or disclose sensitive information. Mitigati...
CVE-2026-45409
A flaw was found in the idna library, which handles Internationalized Domain Names in Python applications. A remote attacker could exploit this vulnerability by sending specially crafted, excessively long inputs to the library's encoding function. This could cause the system to consume significan...
CVE-2026-58471
A flaw was found in GNU Wget. A remote attacker can exploit a heap buffer overflow vulnerability in the convertfname function. This occurs when processing a server-supplied filename that requires character set conversion, leading to memory corruption due to incorrect buffer reallocation. This can...
CVE-2026-35188
A flaw was found in OpenSSL. A malicious server can exploit the TLS Online Certificate Status Protocol OCSP stapling feature by sending a specially crafted response. This can trigger a double-free vulnerability in the client's certificate verification process, potentially leading to a Denial of...
CVE-2026-59926
A flaw was found in Mistune, a Python Markdown parser. The renderadmonition function in the Admonition directive concatenates user-controlled input into the HTML class attribute without proper escaping. This vulnerability allows for attribute injection and Cross-Site Scripting XSS attacks, even...
CVE-2026-58203
A flaw was found in the pydantic-settings component. When configured to handle nested secrets, this vulnerability allows an attacker to read sensitive files from outside the designated secrets directory. By placing a specially crafted symbolic link within the secrets directory, an attacker can...
CVE-2026-42505
A flaw was found in the crypto/tls package in Go. Handshakes utilizing Encrypted Client Hello ECH could lead to de-anonymization by a passive network observer. This is due to the disclosure of pre-shared key identities within the unencrypted client hello, allowing an attacker to potentially link...
CVE-2026-59821
A flaw was found in LiteLLM, a proxy server for Large Language Model LLM APIs. A privileged user with access to create or update custom code guardrails could exploit this vulnerability. The flaw allowed the user to submit custom Python code that would execute within the LiteLLM proxy environment,...
CVE-2026-14362
A flaw was found in HashiCorp memberlist. An attacker with network access to the gossip port could exploit a vulnerability in the push/pull state handling. This could lead to memory exhaustion on a receiving node, causing the process to terminate. This flaw results in a Denial of Service DoS...
CVE-2026-42765
A flaw was found in OpenSSL. When an application is configured with specific non-default settings for certificate verification, including both Online Certificate Status Protocol OCSP response checking and partial chain verification, a NULL dereference can occur. This vulnerability can be triggere...
CVE-2026-56297
A flaw was found in FreeRDP. A malicious Remote Desktop Protocol RDP server can exploit a use-after-free vulnerability due to improper synchronization of channel callback access. By sending DYNVCDATA and DYNVCCLOSE messages concurrently, a race condition can be triggered in the drdynvc client...
CVE-2026-59925
A flaw was found in Mistune, a Python Markdown parser. An attacker can exploit this vulnerability by providing specially crafted Markdown input containing long sequences of emphasis pairs. This can cause the parser to perform excessive computational work, leading to a denial of service DoS...
CVE-2026-44332
A flaw was found in the GoFiber web framework. A remote attacker could exploit a vulnerability in the default Authorizer function of the BasicAuth middleware. This flaw, caused by short-circuit evaluation, allows for reliable remote username enumeration through differences in response timing. Thi...
CVE-2026-59819
A flaw was found in LiteLLM, a proxy server for Large Language Model LLM APIs. A privileged caller, such as a proxy administrator, with permissions to test model connections, could exploit the /health/testconnection endpoint. By supplying specific environment or OIDC OpenID Connect file reference...
CVE-2025-3110
A flaw in OpenVPN Access Server allows remote attackers to smuggle HTTP requests when the server operates behind a reverse proxy. The issue stems from the server accepting unstandardized bare line-feed sequences in HTTP headers. Mitigation To mitigate this issue, ensure that any reverse proxy...
CVE-2026-54591
A flaw was found in AsyncSSH, a Python package for SSHv2 protocol implementation. A malicious SSH server could exploit this vulnerability by sending specially crafted filenames containing directory traversal sequences to an AsyncSSH SCP client. This could allow the server to write arbitrary files...
CVE-2026-59892
A flaw was found in the @opentelemetry/propagator-jaeger component of OpenTelemetry JavaScript. This vulnerability allows an unauthenticated remote attacker to send specially crafted HTTP header values, specifically uber-trace-id and uberctx-. The component improperly decodes these values without...
CVE-2026-59928
A flaw was found in Mistune, a Python Markdown parser. A remote attacker could exploit this vulnerability by providing a specially crafted Markdown document containing numerous repeated or distinct reference-link definitions. This can lead to excessive processing, causing CPU exhaustion and a...
CVE-2026-59868
A flaw was found in js-yaml, a JavaScript YAML parser and dumper. When merge keys are enabled, a remote attacker could exploit this vulnerability by crafting a YAML document where a chain of mappings uses merge keys, each merging the previous one. This can lead to a significant increase in CPU ti...
CVE-2026-54267
A flaw was found in the Angular framework's client-side hydration feature for Server-Side Rendered SSR applications. This vulnerability, known as DOM Clobbering, allows a remote attacker to inject malicious data into the application's internal data cache. By exploiting a predictable identifier us...
CVE-2026-59927
A flaw was found in Mistune, a Python Markdown parser. The Include directive in Mistune's src/mistune/directives/include.py does not properly detect indirect cycles when two Markdown files include each other. This oversight allows for unbounded recursion, which can lead to a RecursionError and...
CVE-2026-59936
A flaw was found in pypdf, a pure-Python PDF library. A remote attacker can craft a malicious PDF document containing an unterminated inline image within its page content stream. When a user processes this crafted PDF, such as during text extraction, the vulnerability causes an infinite loop,...
CVE-2026-59820
A flaw was found in LiteLLM, a proxy server for Large Language Model LLM APIs. An authenticated user, with specific API route access, could upload a specially crafted skill archive. This archive, containing path traversal entries, would allow files to be written outside of the designated extracti...
CVE-2026-59870
A flaw was found in js-yaml, a JavaScript YAML YAML Ain't Markup Language parser. An attacker could exploit this by providing a specially crafted YAML ordered-map document. This could lead to excessive CPU consumption, resulting in a denial of service DoS for applications processing the malicious...
CVE-2026-6352
A flaw was found in GitLab Enterprise Edition EE. An authenticated user with auditor-level access could modify compliance violation records. This was possible due to improper authorization on certain GraphQL operations, allowing them to bypass intended access controls...
CVE-2026-11827
A flaw was found in GitLab EE. An authenticated user with maintainer-role permissions could, under specific conditions, exploit improper authorization controls. This vulnerability allows the user to obtain other users' stored credentials, leading to unauthorized information disclosure...
CVE-2026-13320
A flaw was found in GitLab. Under certain conditions, an authenticated user could exploit improper sanitization of user-supplied input. This vulnerability allows for the execution of arbitrary scripts within another user's browser session, commonly known as Cross-Site Scripting XSS. This could le...
CVE-2026-59692
A stack buffer overflow vulnerability was found in GStreamer's DTLS plugin. During a DTLS handshake, the peer certificate Subject Distinguished Name is printed into a fixed-size 2048-byte stack buffer without bounds checking. A remote unauthenticated attacker can send a certificate with an...
CVE-2026-59691
A heap buffer overflow vulnerability was found in GStreamer's rfbsrc plugin. When a client connects to a malicious RFB/VNC server that advertises a 16bpp framebuffer and sends Hextile-encoded updates, the Hextile background fill path writes 32-bit pixel values into a buffer allocated for 16-bit...
CVE-2026-54753
A flaw was found in Nx, a monorepo solution for managing multiple projects. The local HTTP server, started by the nx graph command, incorrectly sent an Access-Control-Allow-Origin: header in its responses. This misconfiguration allows a remote attacker to read sensitive project information, such ...
CVE-2026-52725
A flaw was found in the @angular/core component. This vulnerability allows an attacker to bypass security restrictions when creating dynamic components. By manipulating the host element or selector, an attacker can force an Angular component to be mounted directly onto a script tag. This can resu...
CVE-2026-45692
A flaw was found in Caddy, an extensible server platform. A remote administrator with restricted access to specific configuration objects could bypass these limitations. This occurs because the authorization system uses string prefix matching for access paths, while the configuration traversal...
CVE-2026-58494
A flaw was found in Wasmtime, a runtime for WebAssembly. A WebAssembly System Interface WASI guest with a read-only source file capability can exploit this vulnerability. During hard-link creation and renaming operations, the system checks directory permissions but fails to match file permissions...
CVE-2026-33630
A flaw was found in c-ares. A use-after-free / double-free vulnerability exists in the query-completion handling path, where a query callback is invoked while the query is still linked in internal lookup structures. A remote attacker can exploit this via aresgetaddrinfo over TCP by sending crafte...
CVE-2026-54499
A flaw was found in Stanza, a Stanford NLP Python library. Stanza model loaders, such as stanza.models.common.pretrain.Pretrain.load, attempt to safely load PyTorch checkpoint files. However, if this safe load fails due to an attacker-controllable pickle.UnpicklingError, the loaders fall back to ...
CVE-2026-54590
A flaw was found in AsyncSSH, a Python package for implementing the SSHv2 protocol. An incomplete fix for a previous vulnerability allowed an attacker to bypass security restrictions in the AuthorizedKeysFile processing. By using specific characters like or environment variables $ENV in the...
CVE-2026-15174
A flaw was found in Wireshark. A local attacker could exploit a crash in the Catapult DCT2000 protocol dissector. This vulnerability, requiring user interaction, leads to a denial of service, making the system unavailable. Mitigation To reduce the risk, avoid opening untrusted network capture fil...
CVE-2026-15167
A flaw was found in Wireshark. A remote attacker could exploit a vulnerability in the DBS Etherwatch file parser, leading to a crash of the application. This could result in a denial of service, making the Wireshark application unavailable to users. Mitigation Users should avoid opening or...
CVE-2026-15163
A flaw was found in Wireshark. A local user could trigger multiple protocol dissector infinite loops by providing specially crafted network traffic for analysis. This could lead to a Denial of Service DoS condition, making the application unresponsive. Mitigation To mitigate this issue, users...
CVE-2026-15173
A flaw was found in Wireshark. A remote attacker could exploit a vulnerability in the pcapng file parser, leading to a crash of the application. This denial of service DoS could prevent legitimate users from accessing the service, impacting its availability. Mitigation To mitigate this issue, use...
CVE-2026-15165
A flaw was found in Wireshark. This vulnerability allows a remote attacker to cause a denial of service by crafting a malicious TLS Encrypted Client Hello ECH packet. When Wireshark attempts to decrypt this malformed packet, it can lead to a crash of the application, making it unavailable...
CVE-2026-15171
A flaw was found in Wireshark's SSH Secure Shell protocol dissector. A remote attacker could craft a malicious network capture file that, when opened by a user, would cause the Wireshark application to crash. This vulnerability leads to a denial of service, preventing the user from analyzing...
CVE-2026-15169
A flaw was found in Wireshark. This vulnerability allows a remote attacker to cause a denial of service DoS by sending a specially crafted Universal Mobile Telecommunications System UMTS FP protocol packet. The flaw resides in the UMTS FP protocol dissector, which can lead to a crash of the...
CVE-2026-15168
A flaw was found in Wireshark. The BLF Binary Logging Format file parser allows for possible information disclosure. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted BLF file, leading to the disclosure of sensitive information...
CVE-2026-15164
A flaw was found in Wireshark, specifically within its ciscodump component. This vulnerability allows an attacker to trigger a crash, leading to a Denial of Service DoS. The issue can be exploited through user interaction, making the affected component unavailable...
CVE-2026-59818
A flaw was found in etcd, a distributed key-value store. When etcd is configured to use separate listeners for HTTP and gRPC client endpoints, the Certificate Revocation List CRL is not properly enforced on the gRPC listener. This oversight allows a client with a revoked certificate to successful...