Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-2359

Summary
Assigner-openjs
Assigner Org ID-ce714d77-add3-4f53-aff5-83d477b104bb
Published At-27 Feb, 2026 | 15:42
Updated At-15 Jul, 2026 | 01:18
Rejected At-
Credits

Multer vulnerable to Denial of Service via resource exhaustion

Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of Service (DoS) by dropping connection during file upload, potentially causing resource exhaustion. Users should upgrade to version 2.1.0 to receive a patch. No known workarounds are available.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:openjs
Assigner Org ID:ce714d77-add3-4f53-aff5-83d477b104bb
Published At:27 Feb, 2026 | 15:42
Updated At:15 Jul, 2026 | 01:18
Rejected At:
▼CVE Numbering Authority (CNA)
Multer vulnerable to Denial of Service via resource exhaustion

Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of Service (DoS) by dropping connection during file upload, potentially causing resource exhaustion. Users should upgrade to version 2.1.0 to receive a patch. No known workarounds are available.

Affected Products
Vendor
Express (OpenJS Foundation)expressjs
Product
multer
Default Status
unaffected
Versions
Affected
  • From 0.0.0 before 2.1.0 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-772CWE-772
Type: CWE
CWE ID: CWE-772
Description: CWE-772
Metrics
VersionBase scoreBase severityVector
4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/expressjs/multer/security/advisories/GHSA-v52c-386h-88mc
N/A
https://www.cve.org/CVERecord?id=CVE-2026-2359
N/A
https://github.com/expressjs/multer/commit/cccf0fe0e64150c4f42ccf6654165c0d66b9adab
N/A
https://cna.openjsf.org/security-advisories.html
N/A
Hyperlink: https://github.com/expressjs/multer/security/advisories/GHSA-v52c-386h-88mc
Resource: N/A
Hyperlink: https://www.cve.org/CVERecord?id=CVE-2026-2359
Resource: N/A
Hyperlink: https://github.com/expressjs/multer/commit/cccf0fe0e64150c4f42ccf6654165c0d66b9adab
Resource: N/A
Hyperlink: https://cna.openjsf.org/security-advisories.html
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
2. multer: Multer: Denial of Service via dropped file upload connections

A flaw was found in Multer, a Node.js middleware for handling `multipart/form-data`. A remote attacker can exploit this vulnerability by intentionally dropping a connection during a file upload. This can lead to a Denial of Service (DoS) due to resource exhaustion on the affected system.

Affected Products
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Developer Hub 1.8
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhdh/rhdh-hub-rhel9
CPEs
  • cpe:/a:redhat:rhdh:1.8::el9
Default Status
affected
Versions
Unaffected
  • From 1774545605 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Developer Hub 1.9
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhdh/rhdh-hub-rhel9
CPEs
  • cpe:/a:redhat:rhdh:1.9::el9
Default Status
affected
Versions
Unaffected
  • From 1775140647 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Logging Subsystem for Red Hat OpenShift
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-logging/cluster-logging-operator-bundle
CPEs
  • cpe:/a:redhat:logging:5
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Logging Subsystem for Red Hat OpenShift
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-logging/cluster-logging-rhel9-operator
CPEs
  • cpe:/a:redhat:logging:5
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Logging Subsystem for Red Hat OpenShift
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-logging/eventrouter-rhel9
CPEs
  • cpe:/a:redhat:logging:5
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Logging Subsystem for Red Hat OpenShift
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-logging/fluentd-rhel9
CPEs
  • cpe:/a:redhat:logging:5
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Logging Subsystem for Red Hat OpenShift
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-logging/log-file-metric-exporter-rhel9
CPEs
  • cpe:/a:redhat:logging:5
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Logging Subsystem for Red Hat OpenShift
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-logging/logging-view-plugin-rhel9
CPEs
  • cpe:/a:redhat:logging:5
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Logging Subsystem for Red Hat OpenShift
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
openshift-logging/vector-rhel9
CPEs
  • cpe:/a:redhat:logging:5
  • cpe:/a:redhat:logging:6
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
fido-device-onboard
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
firefox
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
thunderbird
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 7
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
firefox
CPEs
  • cpe:/o:redhat:enterprise_linux:7
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
firefox
CPEs
  • cpe:/o:redhat:enterprise_linux:8
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
thunderbird
CPEs
  • cpe:/o:redhat:enterprise_linux:8
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
firefox
CPEs
  • cpe:/o:redhat:enterprise_linux:9
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
thunderbird
CPEs
  • cpe:/o:redhat:enterprise_linux:9
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Trusted Profile Analyzer
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rhtpa/rhtpa-trustification-service-rhel9
CPEs
  • cpe:/a:redhat:trusted_profile_analyzer:2
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Self-service automation portal 2
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
ansible-automation-platform/automation-portal
CPEs
  • cpe:/a:redhat:ansible_portal:2
Default Status
affected
Problem Types
TypeCWE IDDescription
CWECWE-772Missing Release of Resource after Effective Lifetime
Type: CWE
CWE ID: CWE-772
Description: Missing Release of Resource after Effective Lifetime
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Red Hat severity rating
value:
Important
namespace:
https://access.redhat.com/security/updates/classification/
Impacts
CAPEC IDDescription
Solutions

RHSA-2026:6174: Red Hat Developer Hub 1.8

RHSA-2026:6802: Red Hat Developer Hub 1.9

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Reported to Red Hat.2026-02-27 16:01:27
Made public.2026-02-27 15:42:08
Event: Reported to Red Hat.
Date: 2026-02-27 16:01:27
Event: Made public.
Date: 2026-02-27 15:42:08
Replaced By

Rejected Reason

References
HyperlinkResource
https://access.redhat.com/security/cve/CVE-2026-2359
vdb-entry
x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2443350
issue-tracking
x_refsource_REDHAT
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2359.json
x_sadp-csaf-vex
https://access.redhat.com/errata/RHSA-2026:6174
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2026:6802
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/security/cve/CVE-2026-2359
Resource:
vdb-entry
x_refsource_REDHAT
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2443350
Resource:
issue-tracking
x_refsource_REDHAT
Hyperlink: https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2359.json
Resource:
x_sadp-csaf-vex
Hyperlink: https://access.redhat.com/errata/RHSA-2026:6174
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2026:6802
Resource:
vendor-advisory
x_refsource_REDHAT
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ce714d77-add3-4f53-aff5-83d477b104bb
Published At:27 Feb, 2026 | 16:16
Updated At:15 Jul, 2026 | 02:19

Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior to version 2.1.0 allows an attacker to trigger a Denial of Service (DoS) by dropping connection during file upload, potentially causing resource exhaustion. Users should upgrade to version 2.1.0 to receive a patch. No known workarounds are available.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.7HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
N/A
Type: Secondary
Version: 4.0
Base score: 8.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

Express (OpenJS Foundation)
expressjs
>>multer>>Versions before 2.1.0(exclusive)
cpe:2.3:a:expressjs:multer:*:*:*:*:*:node.js:*:*
Weaknesses
CWE IDTypeSource
CWE-772Secondaryce714d77-add3-4f53-aff5-83d477b104bb
CWE-772Secondary0b0ca135-0b70-47e7-9f44-1890c2a1c46c
CWE ID: CWE-772
Type: Secondary
Source: ce714d77-add3-4f53-aff5-83d477b104bb
CWE ID: CWE-772
Type: Secondary
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://cna.openjsf.org/security-advisories.htmlce714d77-add3-4f53-aff5-83d477b104bb
Vendor Advisory
https://github.com/expressjs/multer/commit/cccf0fe0e64150c4f42ccf6654165c0d66b9adabce714d77-add3-4f53-aff5-83d477b104bb
Patch
https://github.com/expressjs/multer/security/advisories/GHSA-v52c-386h-88mcce714d77-add3-4f53-aff5-83d477b104bb
Patch
Vendor Advisory
https://www.cve.org/CVERecord?id=CVE-2026-2359ce714d77-add3-4f53-aff5-83d477b104bb
VDB Entry
https://access.redhat.com/errata/RHSA-2026:61740b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/errata/RHSA-2026:68020b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://access.redhat.com/security/cve/CVE-2026-23590b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=24433500b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2359.json0b0ca135-0b70-47e7-9f44-1890c2a1c46c
N/A
Hyperlink: https://cna.openjsf.org/security-advisories.html
Source: ce714d77-add3-4f53-aff5-83d477b104bb
Resource:
Vendor Advisory
Hyperlink: https://github.com/expressjs/multer/commit/cccf0fe0e64150c4f42ccf6654165c0d66b9adab
Source: ce714d77-add3-4f53-aff5-83d477b104bb
Resource:
Patch
Hyperlink: https://github.com/expressjs/multer/security/advisories/GHSA-v52c-386h-88mc
Source: ce714d77-add3-4f53-aff5-83d477b104bb
Resource:
Patch
Vendor Advisory
Hyperlink: https://www.cve.org/CVERecord?id=CVE-2026-2359
Source: ce714d77-add3-4f53-aff5-83d477b104bb
Resource:
VDB Entry
Hyperlink: https://access.redhat.com/errata/RHSA-2026:6174
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2026:6802
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://access.redhat.com/security/cve/CVE-2026-2359
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2443350
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A
Hyperlink: https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-2359.json
Source: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

393Records found

CVE-2026-58016
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.37% / 29.60%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 13:02
Updated-01 Jul, 2026 | 17:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Glib: integer underflow in gio/gdbusintrospection.c via "g_dbus_node_info_new_for_xml"

A flaw was found in GLib. A state confusion issue exists in g_dbus_node_info_new_for_xml() in the gio/gdbusintrospection.c file when processing malformed D-Bus introspection XML, specifically with a <node> element nested within other elements like <method>, <signal>, <property> or <arg>. This issue can cause an unsigned integer overflow and lead to an out-of-bounds read, resulting in a denial of service.

Action-Not Available
Vendor-The GNOME ProjectRed Hat, Inc.
Product-enterprise_linuxglibRed Hat Enterprise Linux 7Red Hat Hardened ImagesRed Hat Enterprise Linux 9Red Hat Enterprise Linux 10Red Hat Enterprise Linux 8GLibRed Hat Enterprise Linux 6
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2026-44488
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.63% / 46.15%
||
7 Day CHG~0.00%
Published-11 Jun, 2026 | 15:37
Updated-17 Jul, 2026 | 13:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Axios: Allocation of Resources Without Limits or Throttling in axios

Axios is a promise based HTTP client for the browser and Node.js. Axios versions 1.7.0 through 1.15.x did not enforce configured request and response size limits when requests were sent with the fetch adapter. Applications that selected adapter: 'fetch', or ran in environments where axios resolved to the fetch adapter, could receive or send bodies larger than maxContentLength or maxBodyLength despite those limits being explicitly configured. This can cause resource exhaustion in server-side usage when a malicious or compromised server returns an oversized response, when an attacker can supply a large data: URL, or when an application forwards attacker-controlled request bodies through axios while relying on maxBodyLength as a boundary. This vulnerability is fixed in 0.32.0 and 1.16.0.

Action-Not Available
Vendor-axiosaxiosRed Hat, Inc.
Product-axiosaxiosRed Hat Advanced Cluster Security for Kubernetes 4.9Red Hat Satellite 6.19Red Hat OpenShift Container Platform 4.21Red Hat Ansible Automation Platform 2.6 for RHEL 9Red Hat Quay 3.16OpenShift PipelinesRed Hat OpenShift Service Mesh 3.3Red Hat OpenShift Container Platform 4.15Red Hat Advanced Cluster Management for Kubernetes 2.14Red Hat OpenShift Service Mesh 3.2Red Hat Advanced Cluster Management for Kubernetes 2.11Red Hat OpenShift Service Mesh 2.6Red Hat 3scale API Management Platform 2Red Hat Build of Podman Desktop - Tech PreviewRed Hat Discovery 2Red Hat Developer Hub 1.10Red Hat Quay 3.10multicluster engine for Kubernetes 2.6Network Observability OperatorRed Hat OpenShift AI (RHOAI)multicluster engine for Kubernetes 2.9multicluster engine for Kubernetes 2.8Self-service automation portal 2Red Hat Trusted Profile AnalyzerRed Hat OpenShift Service Mesh 3.1Red Hat Advanced Cluster Security for Kubernetes 4.10Red Hat Fuse 7Gatekeeper 3Red Hat Advanced Cluster Management for Kubernetes 2.13Migration Toolkit for ContainersRed Hat build of Apicurio Registry 3Red Hat Quay 3.9Red Hat OpenShift Container Platform 4.14Red Hat Ansible Automation Platform 2.6Red Hat build of Apache Camel for Spring Boot 4Red Hat Enterprise Linux 9Red Hat Data Grid 8Red Hat Enterprise Linux AI (RHEL AI) 3OpenShift Service Mesh 3Red Hat Trusted Artifact SignerRed Hat Ansible Automation Platform 2Red Hat Enterprise Linux 8Red Hat build of Apache Camel - HawtIO 4Red Hat OpenShift Service Mesh 3Cryostat 4Red Hat OpenShift Virtualization 4Red Hat Developer Hub 1.9Red Hat OpenShift Container Platform 4.20Migration Toolkit for Applications 8Red Hat OpenShift Dev Spaces 3.29Red Hat OpenShift Container Platform 4.16Red Hat AMQ Broker 7Red Hat OpenShift Container Platform 4
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-58011
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.34% / 26.61%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 12:57
Updated-02 Jul, 2026 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Glib: out-of-bounds read in glib/gdatetime.c:g_date_time_get_ymd via invalid gdatetime

A flaw was found in GLib. An out-of-bounds read of only 2 bytes can occur in the g_date_time_get_ymd function in the glib/gdatetime.c file when an invalid GDateTime object produced by the g_date_time_add_full function is processed. This flaw can corrupt the date output and potentially cause logic errors that may lead to a denial of service.

Action-Not Available
Vendor-The GNOME ProjectRed Hat, Inc.
Product-enterprise_linuxglibRed Hat Enterprise Linux 7Red Hat Hardened ImagesRed Hat Enterprise Linux 9Red Hat Enterprise Linux 10Red Hat Enterprise Linux 8GLibRed Hat Enterprise Linux 6
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-2586
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.51% / 40.01%
||
7 Day CHG~0.00%
Published-31 Mar, 2025 | 11:33
Updated-25 Jun, 2026 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ols: unauthenticated metrics flooding in openshift lightspeed service leading to resource exhaustion

A flaw was found in the OpenShift Lightspeed Service, which is vulnerable to unauthenticated API request flooding. Repeated queries to non-existent endpoints inflate metrics storage and processing, consuming excessive resources. This issue can lead to monitoring system degradation, increased disk usage, and potential service unavailability. Since the issue does not require authentication, an external attacker can exhaust CPU, RAM, and disk space, impacting both application and cluster stability.

Action-Not Available
Vendor-Red Hat, Inc.
Product-OpenShift Lightspeed
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-5807
Matching Score-8
Assigner-HashiCorp Inc.
ShareView Details
Matching Score-8
Assigner-HashiCorp Inc.
CVSS Score-7.5||HIGH
EPSS-0.72% / 49.71%
||
7 Day CHG~0.00%
Published-17 Apr, 2026 | 03:22
Updated-15 Jul, 2026 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Vault Vulnerable to Denial-of-Service via Unauthenticated Root Token Generation/Rekey Operations

Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This vulnerability, CVE-2026-5807, is fixed in Vault Community Edition 2.0.0 and Vault Enterprise 2.0.0.

Action-Not Available
Vendor-Red Hat, Inc.HashiCorp, Inc.
Product-vaultVault EnterpriseVaultRed Hat Openshift Data Foundation 4Red Hat OpenShift Container Platform 4
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-5497
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.5||HIGH
EPSS-0.54% / 41.99%
||
7 Day CHG~0.00%
Published-11 Jun, 2026 | 08:31
Updated-15 Jul, 2026 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unbounded Frame Count in video/jpeg Base64 Data URL Processing Leads to OOM DoS in vllm-project/vllm

vLLM versions 0.8.0 and later are vulnerable to an Out-of-Memory (OOM) Denial of Service (DoS) attack due to unbounded frame count processing in the `VideoMediaIO.load_base64()` method. When processing `video/jpeg` data URLs, the method splits the base64 data string on commas to extract individual JPEG frames without enforcing a frame count limit. An attacker can exploit this by crafting a single API request containing thousands of comma-separated base64-encoded JPEG frames in a data URL, causing the server to decode all frames into memory and crash due to excessive memory consumption. This vulnerability is reachable via the OpenAI-compatible chat completions API and does not require authentication.

Action-Not Available
Vendor-vllmvllm-projectRed Hat, Inc.
Product-vllmvllm-project/vllmRed Hat AI Inference ServerRed Hat OpenShift AI (RHOAI)Red Hat Enterprise Linux AI (RHEL AI) 3
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-53460
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.35% / 26.83%
||
7 Day CHG~0.00%
Published-10 Jun, 2026 | 22:02
Updated-15 Jul, 2026 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ImageMagick: Policy Bypass can trigger out-of-Memory condition

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, a missing check for maximum memory request in AcquireAlignedMemory could trigger an out-of-Memory condition. This issue has been patched in versions 6.9.13-50 and 7.1.2-25.

Action-Not Available
Vendor-Red Hat, Inc.ImageMagick Studio LLC
Product-imagemagickImageMagickRed Hat Enterprise Linux 6Red Hat Enterprise Linux 7 Extended Lifecycle Support
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-54297
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.39% / 31.41%
||
7 Day CHG~0.00%
Published-24 Jun, 2026 | 15:50
Updated-17 Jul, 2026 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Faraday: Uncontrolled recursion in NestedParamsEncoder allows stack exhaustion DoS via deeply nested query parameters

Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. From 1.0.0 until 1.10.6 and 2.14.3, Faraday::NestedParamsEncoder, the default nested query parameter encoder/decoder in Faraday, decodes nested query strings without enforcing a maximum nesting depth. A crafted query string causes Faraday to build a deeply nested Ruby Hash structure. The internal dehash routine then recursively walks this attacker-controlled structure without a depth limit. At sufficient depth, Ruby raises an uncaught SystemStackError (stack level too deep), crashing the calling thread or worker. This can lead to denial of service in applications that pass attacker-controlled query strings to Faraday's nested query parsing or URL-building paths. This vulnerability is fixed in 1.10.6 and 2.14.3.

Action-Not Available
Vendor-faraday_projectlostislandRed Hat, Inc.
Product-faradayfaradayRed Hat 3scale API Management Platform 2Red Hat Satellite 6
CWE ID-CWE-674
Uncontrolled Recursion
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-53461
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.35% / 27.59%
||
7 Day CHG~0.00%
Published-10 Jun, 2026 | 22:03
Updated-15 Jul, 2026 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ImageMagick: Out-of-bounds write in ICON decoder due to incorrect loop

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, an incorrect loop in the ICON decoder can result in an out of bounds heap write resulting in a crash. This issue has been patched in versions 6.9.13-50 and 7.1.2-25.

Action-Not Available
Vendor-Red Hat, Inc.ImageMagick Studio LLC
Product-imagemagickImageMagickRed Hat Enterprise Linux 7Red Hat Enterprise Linux 6
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-5201
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.07% / 61.06%
||
7 Day CHG~0.00%
Published-31 Mar, 2026 | 08:32
Updated-15 Jul, 2026 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Gdk-pixbuf: gdk-pixbuf: denial of service via heap-based buffer overflow when processing a specially crafted jpeg image

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for example, via thumbnail generation. Successful exploitation leads to application crashes and denial of service (DoS) conditions.

Action-Not Available
Vendor-The GNOME ProjectRed Hat, Inc.
Product-enterprise_linux_server_ausenterprise_linuxenterprise_linux_server_tusgdk-pixbufRed Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat Enterprise Linux 6Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat AI Inference Server 3.3Red Hat Enterprise Linux 10Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat Enterprise Linux 9Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.6 Extended Update SupportRed Hat Enterprise Linux 8Red Hat AI Inference Server 3.2Red Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat Enterprise Linux 10.0 Extended Update SupportRed Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat Enterprise Linux 6Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat AI Inference Server 3.3Red Hat Enterprise Linux 10Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat Enterprise Linux 9Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.6 Extended Update SupportRed Hat Enterprise Linux 8Red Hat AI Inference Server 3.2Red Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat Enterprise Linux 10.0 Extended Update Support
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2026-50589
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.43% / 35.10%
||
7 Day CHG~0.00%
Published-04 Jun, 2026 | 23:59
Updated-16 Jul, 2026 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In OpenStack Ironic 32 before 37.0.0, an unauthenticated malicious user could submit a crafted JSON string to some endpoints on the API or JSON-RPC service and effect a service crash.

Action-Not Available
Vendor-Red Hat, Inc.OpenStack
Product-ironicIronicRed Hat OpenStack Platform 16.2Red Hat OpenStack Platform 17.1Red Hat OpenShift Container Platform 4Red Hat OpenStack Platform 18.0
CWE ID-CWE-502
Deserialization of Untrusted Data
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-5038
Matching Score-8
Assigner-ce714d77-add3-4f53-aff5-83d477b104bb
ShareView Details
Matching Score-8
Assigner-ce714d77-add3-4f53-aff5-83d477b104bb
CVSS Score-5.3||MEDIUM
EPSS-0.28% / 19.84%
||
7 Day CHG~0.00%
Published-15 Jun, 2026 | 14:23
Updated-16 Jun, 2026 | 16:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
multer vulnerable to Denial of Service via incomplete cleanup of aborted uploads

Impact: multer versions 2.0.0-alpha.1 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service when using diskStorage. Aborted or malformed multipart uploads leave orphaned partial files on disk because the Readable.pipe() call does not propagate the stream destroy signal to the underlying fs.WriteStream. An attacker can exhaust disk space by triggering many aborted uploads, with no application bug required. Patches: Users should upgrade to multer 2.2.0 (2.x line) or 3.0.0-alpha.2 (3.x prerelease). Both versions track in-flight write streams and clean them up on the abort path. Workarounds: None.

Action-Not Available
Vendor-multerExpress (OpenJS Foundation)
Product-multermulter
CWE ID-CWE-459
Incomplete Cleanup
CVE-2026-50011
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.38% / 30.26%
||
7 Day CHG~0.00%
Published-12 Jun, 2026 | 14:52
Updated-15 Jul, 2026 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Netty has unbounded pre-allocation in RedisArrayAggregator from RESP array length

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, RedisArrayAggregator pre-allocates ArrayList with initial capacity equal to the RESP array element count declared in an array header. That count is taken from the wire before the corresponding child messages exist. A small malicious header can claim a huge initial capacity. Versions 4.1.135.Final and 4.2.15.Final patch the issue.

Action-Not Available
Vendor-Red Hat, Inc.The Netty Project
Product-nettynettyRed Hat Data Grid 8Red Hat JBoss Enterprise Application Platform 7Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16Red Hat Fuse 7Red Hat Single Sign-On 7Red Hat JBoss Enterprise Application Platform Expansion Pack
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-49975
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-11.47% / 95.53%
||
7 Day CHG~0.00%
Published-08 Jun, 2026 | 15:26
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apache HTTP Server: mod_http2 denial of service

Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP requests. This issue affects Apache HTTP Server: from 2.4.17 through 2.4.67.

Action-Not Available
Vendor-F5, Inc.The Apache Software FoundationRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxhttp_serverApache HTTP ServerJBoss Core Services for RHEL 8Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-OnRed Hat JBoss Web Server 5Red Hat Enterprise Linux 10Red Hat JBoss Core Services 2.4.62.SP4Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat Enterprise Linux 9Red Hat OpenShift Service Mesh 2.6Red Hat Enterprise Linux 8Red Hat JBoss Core ServicesRed Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat Hardened ImagesJBoss Core Services on RHEL 7
CWE ID-CWE-409
Improper Handling of Highly Compressed Data (Data Amplification)
CWE ID-CWE-789
Memory Allocation with Excessive Size Value
CVE-2026-5079
Matching Score-8
Assigner-ce714d77-add3-4f53-aff5-83d477b104bb
ShareView Details
Matching Score-8
Assigner-ce714d77-add3-4f53-aff5-83d477b104bb
CVSS Score-7.5||HIGH
EPSS-0.28% / 19.84%
||
7 Day CHG~0.00%
Published-15 Jun, 2026 | 13:56
Updated-16 Jun, 2026 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
multer vulnerable to Denial of Service via deeply nested field names

Impact: multer versions 1.0.0 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service via deeply nested field names in multipart form data. The append-field dependency parses bracket notation in field names with no limit on nesting depth, allowing an attacker to force allocation of deeply nested object structures that consume CPU and memory. A single HTTP request with a crafted multipart body is sufficient to exploit this. Patches: Users should upgrade to multer 2.2.0 (2.x line) or 3.0.0-alpha.2 (3.x prerelease) and configure the new limits.fieldNestingDepth option to the minimum depth their application requires. Workarounds: Set limits.fields to a reasonable value to reduce the number of fields an attacker can send per request. This does not fully mitigate the issue but limits the impact.

Action-Not Available
Vendor-multerExpress (OpenJS Foundation)
Product-multermulter
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-5172
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-7.3||HIGH
EPSS-2.68% / 84.15%
||
7 Day CHG+1.75%
Published-11 May, 2026 | 16:48
Updated-15 Jul, 2026 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CVE-2026-5172

A buffer overflow in dnsmasq’s extract_addresses() function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extract_name() to advance the pointer past the record’s end.

Action-Not Available
Vendor-dnsmasqRed Hat, Inc.
Product-dnsmasqRed Hat Enterprise Linux 9Red Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 10Red Hat OpenShift Container Platform 4
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-49851
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-8.7||HIGH
EPSS-0.35% / 27.28%
||
7 Day CHG~0.00%
Published-24 Jun, 2026 | 17:05
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mistune: Potential DoS via quadratic-time parsing in parse_link_text

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, Mistune is vulnerable to a CPU exhaustion DoS due to superlinear (approximately O(n²)) behavior in parse_link_text. When parsing Markdown containing many consecutive [ characters, parse_link_text repeatedly scans the input using a regex search inside a loop. Each iteration re-scans a large portion of the remaining string, resulting in quadratic-time behavior. An attacker-controlled Markdown input can therefore trigger excessive CPU usage with a very small payload. This vulnerability is fixed in 3.3.0.

Action-Not Available
Vendor-leptureRed Hat, Inc.
Product-mistuneMigration Toolkit for Applications 8Red Hat OpenShift AI (RHOAI)Red Hat Satellite 6Red Hat OpenShift Container Platform 4
CWE ID-CWE-1333
Inefficient Regular Expression Complexity
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-407
Inefficient Algorithmic Complexity
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-48748
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.37% / 28.83%
||
7 Day CHG~0.00%
Published-12 Jun, 2026 | 14:45
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Netty HTTP/3 QPACK Blocked Streams Memory Exhaustion

Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, a memory exhaustion vulnerability in the Netty HTTP/3 codec allows the creation of an infinite number of blocked streams, which can cause OOM error. Version 4.2.15.Final patches the issue.

Action-Not Available
Vendor-Red Hat, Inc.The Netty Project
Product-nettynettyRed Hat build of Apache Camel - HawtIO 4
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-48863
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.81% / 52.83%
||
7 Day CHG~0.00%
Published-16 Jul, 2026 | 00:46
Updated-18 Jul, 2026 | 03:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Libsolv: stack-based buffer overflow in libsolv eddsa pgp signature verification allows denial of service

A flaw was found in libsolv. A stack-based buffer overflow vulnerability exists in the PGP verification component due to incorrect length handling when copying EdDSA 's' MPI into a stack buffer. A remote attacker could craft a malicious Ed25519 PGP signature with mismatched MPI lengths. Processing this crafted signature could lead to a denial of service in automated package or repository processing workflows.

Action-Not Available
Vendor-Red Hat, Inc.openSUSE
Product-Red Hat Enterprise Linux 9Red Hat Enterprise Linux 7libsolvRed Hat Enterprise Linux 8Red Hat Update Infrastructure 4 for Cloud ProvidersRed Hat Satellite 6Red Hat Enterprise Linux 10Red Hat Hardened ImagesRed Hat OpenShift Container Platform 4Red Hat Enterprise Linux 9Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Update Infrastructure 4 for Cloud ProvidersRed Hat Satellite 6Red Hat Enterprise Linux 10Red Hat Hardened ImagesRed Hat OpenShift Container Platform 4
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-49218
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.35% / 26.83%
||
7 Day CHG~0.00%
Published-10 Jun, 2026 | 21:59
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ImageMagick: Policy Bypass in DCM decoder could result in image with invalid dimensions

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-24, a missing check in the DCM decoder could result in an image with invalid dimensions and that could cause crashes in other operation. This issue has been patched in versions 6.9.13-48 and 7.1.2-24.

Action-Not Available
Vendor-Red Hat, Inc.ImageMagick Studio LLC
Product-imagemagickImageMagickRed Hat Enterprise Linux 6Red Hat Enterprise Linux 7 Extended Lifecycle Support
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input
CWE ID-CWE-20
Improper Input Validation
CVE-2026-48933
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-7.5||HIGH
EPSS-2.81% / 84.91%
||
7 Day CHG~0.00%
Published-26 Jun, 2026 | 01:14
Updated-16 Jul, 2026 | 12:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw in Node.js WebCrypto implementation can crash the process if the input of `subtle.encrypt()` is a multiple of 2GiB. This vulnerability affects all supported release lines: **Node.js 22**, **Node.js 24**, and **Node.js 26**.

Action-Not Available
Vendor-Red Hat, Inc.Node.js (OpenJS Foundation)
Product-node.jsnodeRed Hat Enterprise Linux 9Red Hat Enterprise Linux 8Red Hat Enterprise Linux 10Red Hat Enterprise Linux 10.0 Extended Update SupportRed Hat Hardened Images
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-4890
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-7.5||HIGH
EPSS-7.24% / 93.63%
||
7 Day CHG~0.00%
Published-11 May, 2026 | 16:47
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CVE-2026-4890

A Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.

Action-Not Available
Vendor-dnsmasqRed Hat, Inc.
Product-dnsmasqRed Hat Enterprise Linux 9Red Hat Enterprise Linux 7Red Hat Enterprise Linux 9.6 Extended Update SupportRed Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 10Red Hat OpenShift Container Platform 4
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2026-4926
Matching Score-8
Assigner-ce714d77-add3-4f53-aff5-83d477b104bb
ShareView Details
Matching Score-8
Assigner-ce714d77-add3-4f53-aff5-83d477b104bb
CVSS Score-7.5||HIGH
EPSS-0.79% / 52.20%
||
7 Day CHG~0.00%
Published-26 Mar, 2026 | 18:59
Updated-17 Jul, 2026 | 13:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
path-to-regexp vulnerable to Denial of Service via sequential optional groups

Impact: A bad regular expression is generated any time you have multiple sequential optional groups (curly brace syntax), such as `{a}{b}{c}:z`. The generated regex grows exponentially with the number of groups, causing denial of service. Patches: Fixed in version 8.4.0. Workarounds: Limit the number of sequential optional groups in route patterns. Avoid passing user-controlled input as route patterns.

Action-Not Available
Vendor-pillarjspath-to-regexpRed Hat, Inc.
Product-path-to-regexppath-to-regexpRed Hat Developer Hub 1.8Cryostat 4 on RHEL 9Red Hat Ansible Automation Platform 2.6 for RHEL 9Red Hat build of Apicurio Registry 2Red Hat Openshift Data Foundation 4Red Hat Process Automation 7Red Hat Quay 3Red Hat OpenShift distributed tracing 3.9.3Red Hat Developer HubMulticluster Engine for KubernetesOpenShift PipelinesRed Hat Trusted Artifact Signer 1.3Migration Toolkit for Virtualization 2.9Migration Toolkit for Virtualization 2.1Red Hat Build of Podman DesktopRed Hat JBoss Enterprise Application Platform 7Red Hat Satellite 6Red Hat OpenShift GitOpsRed Hat Edge Manager 1.1Red Hat JBoss Enterprise Application Platform 8Network Observability OperatorRed Hat OpenShift AI (RHOAI)OpenShift Service Mesh 2Self-service automation portal 2Red Hat Trusted Profile AnalyzerRed Hat Fuse 7Red Hat Enterprise Linux 10Red Hat Ansible Automation Platform 2.5 for RHEL 8Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat Advanced Cluster Management for Kubernetes 2Logging Subsystem for Red Hat OpenShiftRed Hat Ansible Automation Platform 2.5 for RHEL 9Red Hat Enterprise Linux 9Red Hat Data Grid 8OpenShift Service Mesh 3Red Hat Ansible Automation Platform 2Red Hat Enterprise Linux 8Red Hat build of Apache Camel - HawtIO 4Red Hat OpenShift Dev Spaces 3.27Cryostat 4Red Hat Advanced Cluster Security 4Red Hat OpenShift Virtualization 4Red Hat Developer Hub 1.9Migration Toolkit for Applications 8OpenShift LightspeedRed Hat Single Sign-On 7Red Hat Ansible Automation Platform 2.6Red Hat AMQ Broker 7Red Hat Edge Manager 1.0Red Hat OpenShift Container Platform 4
CWE ID-CWE-1333
Inefficient Regular Expression Complexity
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-47774
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.81% / 53.00%
||
7 Day CHG~0.00%
Published-17 Jun, 2026 | 16:58
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Envoy vulnerable to HTTP/2 memory exhaustion via cookie header size bypass and HPACK amplification

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vulnerability in Envoy's HTTP/2 downstream request processing allows an unauthenticated remote client to trigger excessive memory consumption, potentially resulting in OOM termination of the Envoy process and denial of service. The issue arises from the combination of two behaviors. First, cookie header bytes are not fully accounted for during request header size validation in Envoy. Second, HPACK header block limits in oghttp2/quiche are enforced on encoded bytes without a corresponding limit on total decoded header size. Together, these behaviors allow a malicious client to cause large decoded header allocations while bypassing the intended request header size protections. Versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1 contain a fix. No complete workaround is known short of applying a fix. Possible temporary mitigations include disabling downstream HTTP/2 where operationally feasible; enforcing stricter request header and cookie limits before traffic reaches Envoy; and monitoring Envoy memory usage for abnormal growth under HTTP/2 traffic.

Action-Not Available
Vendor-envoyproxyenvoyproxyRed Hat, Inc.
Product-envoyopenshift_service_meshenvoyRed Hat OpenShift Service Mesh 2.6Red Hat OpenShift Service Mesh 3Red Hat OpenShift Service Mesh 3.1Red Hat OpenShift Service Mesh 3.3Red Hat OpenShift Service Mesh 3.2
CWE ID-CWE-405
Asymmetric Resource Consumption (Amplification)
CWE ID-CWE-409
Improper Handling of Highly Compressed Data (Data Amplification)
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-4699
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-7.5||HIGH
EPSS-0.69% / 48.58%
||
7 Day CHG~0.00%
Published-24 Mar, 2026 | 12:30
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect boundary conditions in the Layout: Text and Fonts component

Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

Action-Not Available
Vendor-Red Hat, Inc.Mozilla Corporation
Product-firefoxThunderbirdFirefoxRed Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 10Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat Enterprise Linux 9Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.6 Extended Update SupportRed Hat Enterprise Linux 8Red Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat Enterprise Linux 10.0 Extended Update Support
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-4695
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-7.5||HIGH
EPSS-0.69% / 48.58%
||
7 Day CHG~0.00%
Published-24 Mar, 2026 | 12:30
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect boundary conditions in the Audio/Video: Web Codecs component

Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

Action-Not Available
Vendor-Red Hat, Inc.Mozilla Corporation
Product-firefoxThunderbirdFirefoxRed Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 10Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat Enterprise Linux 9Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.6 Extended Update SupportRed Hat Enterprise Linux 8Red Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat Enterprise Linux 10.0 Extended Update Support
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2026-4686
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-7.5||HIGH
EPSS-0.70% / 49.12%
||
7 Day CHG~0.00%
Published-24 Mar, 2026 | 12:30
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect boundary conditions in the Graphics: Canvas2D component

Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

Action-Not Available
Vendor-Red Hat, Inc.Mozilla Corporation
Product-firefoxThunderbirdFirefoxRed Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 10Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat Enterprise Linux 9Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.6 Extended Update SupportRed Hat Enterprise Linux 8Red Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat Enterprise Linux 10.0 Extended Update Support
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-47220
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.66% / 47.67%
||
7 Day CHG~0.00%
Published-26 Jun, 2026 | 18:02
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Envoy: Segmentation fault when using %REQUESTED_SERVER_NAME% in log format

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, when the %REQUESTED_SERVER_NAME(X:Y)% is used in log format and host related options is specified, like HOST_FIRST, SNI_FIRST, it's possible to crash Envoy when the specified host header is missing in the request headers. This vulnerability is fixed in 1.37.5 and 1.38.3.

Action-Not Available
Vendor-envoyproxyenvoyproxyRed Hat, Inc.
Product-envoyenvoyOpenShift Service Mesh 2OpenShift Service Mesh 3
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-4694
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-7.5||HIGH
EPSS-0.77% / 51.59%
||
7 Day CHG~0.00%
Published-24 Mar, 2026 | 12:30
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect boundary conditions, integer overflow in the Graphics component

Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

Action-Not Available
Vendor-Red Hat, Inc.Mozilla Corporation
Product-thunderbirdfirefoxThunderbirdFirefoxRed Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 10Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat Enterprise Linux 9Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.6 Extended Update SupportRed Hat Enterprise Linux 8Red Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat Enterprise Linux 10.0 Extended Update Support
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2026-4685
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-7.5||HIGH
EPSS-0.69% / 48.58%
||
7 Day CHG~0.00%
Published-24 Mar, 2026 | 12:30
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect boundary conditions in the Graphics: Canvas2D component

Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

Action-Not Available
Vendor-Red Hat, Inc.Mozilla Corporation
Product-firefoxThunderbirdFirefoxRed Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 10Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat Enterprise Linux 9Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.6 Extended Update SupportRed Hat Enterprise Linux 8Red Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat Enterprise Linux 10.0 Extended Update Support
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-48059
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-8.7||HIGH
EPSS-0.61% / 45.04%
||
7 Day CHG~0.00%
Published-12 Jun, 2026 | 14:42
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Netty HAProxy: Unbalanced Reference Count in Nested PP2_TYPE_SSL TLV Parsing Leads to Memory Exhaustion

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAProxy PROXY protocol v2 codec in netty leaks native or heap memory on every connection when a client sends a syntactically valid header containing nested `PP2_TYPE_SSL` TLVs (type-length-value records) at depth two or greater. The leak occurs on the successful parse path — no exception is thrown, the message fires downstream, the decoder removes itself, and the application releases the `HAProxyMessage` normally. Yet the underlying cumulation buffer (a pooled, potentially direct `ByteBuf` allocated by the channel) remains permanently pinned. Versions 4.1.135.Final and 4.2.15.Final patch the issue.

Action-Not Available
Vendor-Red Hat, Inc.The Netty Project
Product-nettynettyRed Hat Build of KeycloakRed Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16Red Hat Fuse 7Streams for Apache Kafka 2.9.4Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat build of Apicurio Registry 3Red Hat build of Quarkus 3.33.2.SP1Red Hat Data Grid 8streams for Apache Kafka 3Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1Red Hat build of Debezium 3Red Hat build of Apache Camel - HawtIO 4Red Hat JBoss Enterprise Application Platform 7Red Hat Satellite 6Cryostat 4OpenShift ServerlessRed Hat build of Quarkus 3.27.4.SP1Red Hat build of Apache Camel 4 for Quarkus 3Red Hat OpenShift Dev Spaces 3.29Red Hat Single Sign-On 7Red Hat AMQ Broker 7Red Hat OpenShift AI (RHOAI)
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2026-4693
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-7.5||HIGH
EPSS-0.69% / 48.58%
||
7 Day CHG~0.00%
Published-24 Mar, 2026 | 12:30
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect boundary conditions in the Audio/Video: Playback component

Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

Action-Not Available
Vendor-Red Hat, Inc.Mozilla Corporation
Product-firefoxThunderbirdFirefoxRed Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 10Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat Enterprise Linux 9Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.6 Extended Update SupportRed Hat Enterprise Linux 8Red Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat Enterprise Linux 10.0 Extended Update Support
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2026-4602
Matching Score-8
Assigner-Snyk
ShareView Details
Matching Score-8
Assigner-Snyk
CVSS Score-8.7||HIGH
EPSS-0.50% / 39.27%
||
7 Day CHG~0.00%
Published-23 Mar, 2026 | 05:00
Updated-16 Jul, 2026 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Versions of the package jsrsasign before 11.1.1 are vulnerable to Incorrect Conversion between Numeric Types due to handling negative exponents in ext/jsbn2.js. An attacker can force the computation of incorrect modular inverses and break signature verification by calling modPow with a negative exponent.

Action-Not Available
Vendor-kjurn/aRed Hat, Inc.
Product-jsrsasignjsrsasignorg.webjars.npm:jsrsasignMigration Toolkit for Virtualization 2.9Migration Toolkit for Virtualization 2.1Red Hat Quay 3.12Red Hat Quay 3.10Red Hat Quay 3.16Red Hat Quay 3.9Red Hat Quay 3.15
CWE ID-CWE-681
Incorrect Conversion between Numeric Types
CVE-2026-45664
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.44% / 35.70%
||
7 Day CHG~0.00%
Published-10 Jun, 2026 | 21:30
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ImageMagick: Policy Bypass in MNG coder could

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, because of a missing check in the MNG coder it would be possible to read more images than the list limit policy would allow resulting in excessive resource use. This issue has been patched in versions 6.9.13-47 and 7.1.2-22.

Action-Not Available
Vendor-Red Hat, Inc.ImageMagick Studio LLC
Product-imagemagickImageMagickRed Hat Enterprise Linux 6Red Hat Enterprise Linux 7 Extended Lifecycle Support
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-407
Inefficient Algorithmic Complexity
CWE ID-CWE-674
Uncontrolled Recursion
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-4598
Matching Score-8
Assigner-Snyk
ShareView Details
Matching Score-8
Assigner-Snyk
CVSS Score-8.7||HIGH
EPSS-0.55% / 42.53%
||
7 Day CHG~0.00%
Published-23 Mar, 2026 | 05:00
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Versions of the package jsrsasign before 11.1.1 are vulnerable to Infinite loop via the bnModInverse function in ext/jsbn2.js when the BigInteger.modInverse implementation receives zero or negative inputs, allowing an attacker to hang the process permanently by supplying such crafted values (e.g., modInverse(0, m) or modInverse(-1, m)).

Action-Not Available
Vendor-kjurn/aRed Hat, Inc.
Product-jsrsasignjsrsasignorg.webjars.npm:jsrsasignMigration Toolkit for Virtualization 2.9Migration Toolkit for Virtualization 2.1Red Hat Quay 3.12Red Hat Quay 3.10Red Hat Quay 3.16Red Hat Quay 3.9Red Hat Quay 3.15
CWE ID-CWE-1287
Improper Validation of Specified Type of Input
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2026-46523
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-6.2||MEDIUM
EPSS-0.30% / 22.08%
||
7 Day CHG~0.00%
Published-10 Jun, 2026 | 21:22
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ImageMagick: Use-After-Free in MSL decoder.

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, a crafted MSL image can trigger a heap-use-after-free. Versions 7.1.2.23 and 6.9.13-48 fix the issue.

Action-Not Available
Vendor-Red Hat, Inc.ImageMagick Studio LLC
Product-imagemagickImageMagickRed Hat Enterprise Linux 6Red Hat Enterprise Linux 7 Extended Lifecycle Support
CWE ID-CWE-416
Use After Free
CWE ID-CWE-825
Expired Pointer Dereference
CVE-2026-46384
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-8.7||HIGH
EPSS-0.44% / 35.36%
||
7 Day CHG+0.04%
Published-29 May, 2026 | 19:58
Updated-17 Jul, 2026 | 13:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
iskorotkov/avro: Integer Overflow in Avro Decoder

iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, several Avro decoder paths read attacker-controlled 64-bit values from the wire format and either narrowed them to platform-sized int before bounds-checking, or summed them with overflow-prone signed-int arithmetic. On 32-bit targets (GOARCH=386, arm, mips, wasm, etc.), the truncation paths can silently bypass byte-slice limits, select the wrong union branch, or hit the OCF negative-make panic via wrap. Three sub-issues are not 32-bit-specific: cumulative-size arithmetic overflow in arrayDecoder.Decode / mapDecoder.Decode / mapDecoderUnmarshaler.Decode (wraps at math.MaxInt64 on amd64 / arm64 and bypasses MaxSliceAllocSize / MaxMapAllocSize), math.MinInt negation in block-header handling, and make([]byte, size) with a negative size in OCF block reads — all three panic or bypass caps on any platform, giving an attacker a denial-of-service primitive there. This vulnerability is fixed in 2.33.0.

Action-Not Available
Vendor-iskorotkovRed Hat, Inc.
Product-avroRed Hat Enterprise Linux 9Red Hat Advanced Cluster Management for Kubernetes 2.11Red Hat Enterprise Linux 8Cryostat 4Red Hat Advanced Cluster Management for Kubernetes 2.13Red Hat Enterprise Linux 10Red Hat Hardened ImagesMulticluster Global Hub 1.4.5
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2026-46385
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-8.7||HIGH
EPSS-0.41% / 33.68%
||
7 Day CHG+0.04%
Published-29 May, 2026 | 19:58
Updated-17 Jul, 2026 | 13:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
iskorotkov/avro: CPU Exhaustion in Avro Decoder

iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, the Avro array and map decoders looped over an attacker-controlled block-count value without checking the underlying reader's error state inside the loop body. Reader.ReadBlockHeader returns the count as a Go int, which is 64-bit on amd64 / arm64 targets — so a producer can declare a block of up to math.MaxInt64 (~9.2 × 10¹⁸) elements followed by EOF (or any truncated payload), and the decoder will attempt that many no-op iterations before propagating the error. The realistic ceiling is "indefinite until the worker is killed externally" — a single hostile payload pins a CPU core until the process is OOM-killed, deadline-cancelled, or terminated. Remote, unauthenticated denial-of-service. This vulnerability is fixed in 2.33.0.

Action-Not Available
Vendor-iskorotkovRed Hat, Inc.
Product-avroRed Hat Enterprise Linux 9Red Hat Advanced Cluster Management for Kubernetes 2.11Red Hat Enterprise Linux 8Cryostat 4Red Hat Advanced Cluster Management for Kubernetes 2.13Red Hat Enterprise Linux 10Red Hat Hardened ImagesMulticluster Global Hub 1.4.5
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2026-46520
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.44% / 35.70%
||
7 Day CHG~0.00%
Published-10 Jun, 2026 | 21:31
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ImageMagick: Heap Buffer Over-Write in IPL decoder when reading multiple images of different dimensions

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, when reading multiple images with different dimensions an out of bounds heap write can occur. This issue has been patched in versions 6.9.13-48 and 7.1.2-23.

Action-Not Available
Vendor-Red Hat, Inc.ImageMagick Studio LLC
Product-imagemagickImageMagickRed Hat Enterprise Linux 6Red Hat Enterprise Linux 7 Extended Lifecycle Support
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-45591
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-2.43% / 82.41%
||
7 Day CHG~0.00%
Published-09 Jun, 2026 | 17:05
Updated-15 Jul, 2026 | 20:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASP.NET Core Denial of Service Vulnerability

Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network.

Action-Not Available
Vendor-Microsoft CorporationRed Hat, Inc.Apple Inc.Linux Kernel Organization, Inc
Product-visual_studio_2026macos.netlinux_kernelasp.net_corewindowsMicrosoft Visual Studio 2026 version 18.6.NET 9.0ASP.NET Core 9.0.NET 10.0ASP.NET Core 10.0ASP.NET Core 8.0.NET 8.0Red Hat Enterprise Linux 9Red Hat Enterprise Linux 9.6 Extended Update SupportRed Hat Enterprise Linux 8Red Hat Enterprise Linux 10Red Hat Enterprise Linux 10.0 Extended Update SupportRed Hat Enterprise Linux 9.4 Update Services for SAP SolutionsRed Hat Hardened Images
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-4634
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.52% / 40.90%
||
7 Day CHG~0.00%
Published-02 Apr, 2026 | 12:44
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Keycloak: keycloak: denial of service via excessive processing of openid connect scope parameters

A flaw was found in Keycloak. An unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with an excessively long scope parameter to the OpenID Connect (OIDC) token endpoint. This leads to high resource consumption and prolonged processing times, ultimately resulting in a Denial of Service (DoS) for the Keycloak server.

Action-Not Available
Vendor-Red Hat, Inc.
Product-build_of_keycloakRed Hat build of Keycloak 26.2Red Hat build of Keycloak 26.2.15Red Hat build of Keycloak 26.4Red Hat build of Keycloak 26.4.11Red Hat build of Keycloak 26.2Red Hat build of Keycloak 26.2.15Red Hat build of Keycloak 26.4Red Hat build of Keycloak 26.4.11
CWE ID-CWE-1050
Excessive Platform Resource Consumption within a Loop
CVE-2023-39180
Matching Score-8
Assigner-Fedora Project
ShareView Details
Matching Score-8
Assigner-Fedora Project
CVSS Score-4||MEDIUM
EPSS-1.38% / 69.07%
||
7 Day CHG~0.00%
Published-18 Nov, 2024 | 09:53
Updated-06 Aug, 2025 | 13:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel: ksmbd: read request memory leak denial-of-service vulnerability

A flaw was found within the handling of SMB2_READ commands in the kernel ksmbd module. The issue results from not releasing memory after its effective lifetime. An attacker can leverage this to create a denial-of-service condition on affected installations of Linux. Authentication is not required to exploit this vulnerability, but only systems with ksmbd enabled are vulnerable.

Action-Not Available
Vendor-Linux Kernel Organization, IncRed Hat, Inc.
Product-linux_kernelRed Hat Enterprise Linux 9Red Hat Enterprise Linux 8Red Hat Enterprise Linux 7Red Hat Enterprise Linux 6
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-46522
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-1.85% / 76.71%
||
7 Day CHG~0.00%
Published-10 Jun, 2026 | 21:30
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ImageMagick: Infinite Loop in the MIFF decoder can lead to CPU exhaustion

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in the MIFF decoder, a crafted file could cause an infinite loop resulting in CPU exhaustion. Versions 7.1.2.23 and 6.9.13-48 fix the issue.

Action-Not Available
Vendor-Red Hat, Inc.ImageMagick Studio LLC
Product-imagemagickImageMagickRed Hat Enterprise Linux 6Red Hat Enterprise Linux 7 Extended Lifecycle Support
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2026-44893
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.59% / 44.46%
||
7 Day CHG~0.00%
Published-12 Jun, 2026 | 14:00
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Netty: HAProxy SSL TLV parsing leaks retained slice on invalid TLV length

Netty is a network application framework for development of protocol servers and clients. In netty-codec-haproxy prior to versions 4.1.135.Final and 4.2.15.Final, when decoding a PP2_TYPE_SSL TLV, HAProxyMessage.readNextTLV() first calls `header.retainedSlice(header.readerIndex(), length)` and only then reads the 1-byte client field and 4-byte verify field. If the attacker sets the TLV length below 5, the subsequent readByte/readInt throws IndexOutOfBoundsException. HAProxyMessageDecoder only catches HAProxyProtocolException around this call, so the IOOBE propagates and the retained slice on the pooled cumulation buffer is never released. Versions 4.1.135.Final and 4.2.15.Final patch the issue.

Action-Not Available
Vendor-Red Hat, Inc.The Netty Project
Product-nettynettyRed Hat Build of KeycloakRed Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16Red Hat Fuse 7Streams for Apache Kafka 2.9.4Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat build of Apicurio Registry 3Red Hat build of Quarkus 3.33.2.SP1Red Hat Data Grid 8streams for Apache Kafka 3Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1Red Hat build of Debezium 3Red Hat build of Apache Camel - HawtIO 4Red Hat JBoss Enterprise Application Platform 7Red Hat Satellite 6Cryostat 4OpenShift ServerlessRed Hat build of Quarkus 3.27.4.SP1Red Hat build of Apache Camel 4 for Quarkus 3Red Hat OpenShift Dev Spaces 3.29Red Hat Single Sign-On 7Red Hat AMQ Broker 7Red Hat OpenShift AI (RHOAI)
CWE ID-CWE-703
Improper Check or Handling of Exceptional Conditions
CWE ID-CWE-805
Buffer Access with Incorrect Length Value
CVE-2026-44577
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.72% / 49.84%
||
7 Day CHG+0.02%
Published-13 May, 2026 | 17:00
Updated-16 Jul, 2026 | 12:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Next.js: Denial of Service in the Image Optimization API

Next.js is a React framework for building full-stack web applications. From 10.0.0 to before 15.5.16 and 16.2.5, when self-hosting Next.js with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size limit. An attacker could cause out-of-memory conditions by requesting large local assets from the /_next/image endpoint that match the images.localPatterns configuration (by default, all patterns are allowed). This vulnerability is fixed in 15.5.16 and 16.2.5.

Action-Not Available
Vendor-vercelvercelRed Hat, Inc.
Product-next.jsnext.jsRed Hat Enterprise Linux 9Red Hat Enterprise Linux 7streams for Apache Kafka 3Red Hat Enterprise Linux 8Red Hat Enterprise Linux 10Streams for Apache Kafka 2.9.4Red Hat Trusted Artifact Signer 1.4Red Hat Enterprise Linux AI (RHEL AI) 3
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-44390
Matching Score-8
Assigner-NLnet Labs
ShareView Details
Matching Score-8
Assigner-NLnet Labs
CVSS Score-6.9||MEDIUM
EPSS-0.56% / 42.68%
||
7 Day CHG~0.00%
Published-20 May, 2026 | 09:21
Updated-16 Jul, 2026 | 12:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unbounded name compression in certain cases causes degradation of service

NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability when handling replies with very large RRsets that Unbound needs to perform name compression for. Malicious upstream responses with very large RRsets with records that don't share a suffix above the root can cause Unbound to spend a considerable time applying name compression to downstream replies. This can lead to degraded performance and eventually denial of service in well orchestrated attacks. An adversary can exploit the vulnerability by querying Unbound for the specially crafted contents of a malicious zone with very large RRsets. Before Unbound replies to the query it will try to apply name compression which was an unbounded operation that could lock the CPU until the whole packet was complete. A compression limit was introduced in 1.21.1 for this but it didn't account for the case where records would not share any suffix above the root. That causes Unbound to go in a different code path because of the compression tree lookup failure and eventually not increment the compression counter for those operations. Unbound 1.25.1 contains a patch with a fix that increments the compression counter regardless of the compression tree lookup. This is a complement fix to CVE-2024-8508.

Action-Not Available
Vendor-nlnetlabsNLnet LabsRed Hat, Inc.
Product-unboundUnboundRed Hat Enterprise Linux 9Red Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 10Red Hat Hardened ImagesRed Hat OpenShift Container Platform 4
CWE ID-CWE-1050
Excessive Platform Resource Consumption within a Loop
CWE ID-CWE-407
Inefficient Algorithmic Complexity
CVE-2010-3872
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-2.77% / 84.69%
||
7 Day CHG~0.00%
Published-20 Nov, 2010 | 20:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Httpd: mod_fcgid: stack-based buffer overflow in fcgid_header_bucket_read() in modules/fcgid/fcgid_bucket.c

A flaw was found in the mod_fcgid module of httpd. A malformed FastCGI response may result in a stack-based buffer overflow in the modules/fcgid/fcgid_bucket.c file in the fcgid_header_bucket_read() function, resulting in an application crash.

Action-Not Available
Vendor-n/aFedora ProjectThe Apache Software FoundationRed Hat, Inc.
Product-mod_fcgidmod_fcgidRed Hat Enterprise Linux 9Red Hat Enterprise Linux 8Red Hat Enterprise Linux 7Fedora
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2026-44250
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.38% / 30.26%
||
7 Day CHG~0.00%
Published-11 Jun, 2026 | 20:49
Updated-15 Jul, 2026 | 02:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Netty: Memory Exhaustion in RedisArrayAggregator due to Deeply Nested Arrays

Netty is a network application framework for development of protocol servers and clients. In netty-codec-redis prior to versions 4.1.135.Final and 4.2.15.Final, an attacker can cause DoS by sending a crafted Redis payload with deeply nested arrays. This forces the server to allocate a massive number of state objects and collections, leading to memory exhaustion and an OutOfMemoryError. Versions 4.1.135.Final and 4.2.15.Final patch the issue.

Action-Not Available
Vendor-Red Hat, Inc.The Netty Project
Product-nettynettyRed Hat Data Grid 8Red Hat JBoss Enterprise Application Platform 7Red Hat build of Apache Camel 4.18.1.P1 for Spring Boot 3.5.16Red Hat Fuse 7Red Hat Single Sign-On 7Red Hat JBoss Enterprise Application Platform Expansion Pack
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2025-2240
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.91% / 55.92%
||
7 Day CHG~0.00%
Published-12 Mar, 2025 | 14:55
Updated-06 May, 2026 | 16:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Smallrye-fault-tolerance: smallrye fault tolerance

A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service (DoS) issue.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat JBoss Enterprise Application Platform 8Red Hat Build of Apache Camel 4.8 for Quarkus 3.15Red Hat build of Apicurio Registry 3Red Hat build of QuarkusRed Hat build of Quarkus 3.15.4Red Hat build of Apache Camel 4.8.5 for Spring BootRed Hat build of Apicurio Registry 2Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat JBoss Enterprise Application Platform 7Red Hat Integration Camel K 1Red Hat Fuse 7
CWE ID-CWE-1325
Improperly Controlled Sequential Memory Allocation
CVE-2026-44579
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.55% / 42.13%
||
7 Day CHG~0.00%
Published-13 May, 2026 | 17:04
Updated-15 Jul, 2026 | 02:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Next.js: Denial of Service via connection exhaustion in applications using Cache Components

Next.js is a React framework for building full-stack web applications. From to before 15.5.16 and 16.2.5, applications using Partial Prerendering through the Cache Components feature can be vulnerable to connection exhaustion through crafted POST requests to a server action. In affected configurations, a malicious request can trigger a request-body handling deadlock that leaves connections open for an extended period, consuming file descriptors and server capacity until legitimate users are denied service. This vulnerability is fixed in 15.5.16 and 16.2.5.

Action-Not Available
Vendor-vercelvercelRed Hat, Inc.
Product-next.jsnext.jsRed Hat Enterprise Linux 9Red Hat Enterprise Linux 7streams for Apache Kafka 3Red Hat Enterprise Linux 8Red Hat Enterprise Linux 10Streams for Apache Kafka 2.9.4Red Hat Trusted Artifact Signer 1.4Red Hat Enterprise Linux AI (RHEL AI) 3
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CWE ID-CWE-833
Deadlock
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 7
  • 8
  • Next
Details not found