Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-59892

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-08 Jul, 2026 | 16:03
Updated At-08 Jul, 2026 | 19:41
Rejected At-
Credits

OpenTelemetry JavaScript: Denial of service in `JaegerPropagator` via unhandled exception on a malformed header

OpenTelemetry JavaScript is the OpenTelemetry JavaScript client. Prior to 2.9.0, @opentelemetry/propagator-jaeger decodes incoming uber-trace-id and uberctx-* HTTP header values with decodeURIComponent() without handling decode errors, allowing an unauthenticated remote attacker to send a malformed percent-encoded value that throws an uncaught URIError and terminates a Node.js process using JaegerPropagator as the active propagator. This issue is fixed in version 2.9.0.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:08 Jul, 2026 | 16:03
Updated At:08 Jul, 2026 | 19:41
Rejected At:
â–¼CVE Numbering Authority (CNA)
OpenTelemetry JavaScript: Denial of service in `JaegerPropagator` via unhandled exception on a malformed header

OpenTelemetry JavaScript is the OpenTelemetry JavaScript client. Prior to 2.9.0, @opentelemetry/propagator-jaeger decodes incoming uber-trace-id and uberctx-* HTTP header values with decodeURIComponent() without handling decode errors, allowing an unauthenticated remote attacker to send a malformed percent-encoded value that throws an uncaught URIError and terminates a Node.js process using JaegerPropagator as the active propagator. This issue is fixed in version 2.9.0.

Affected Products
Vendor
open-telemetry
Product
opentelemetry-js
Versions
Affected
  • < 2.9.0
Problem Types
TypeCWE IDDescription
CWECWE-248CWE-248: Uncaught Exception
Type: CWE
CWE ID: CWE-248
Description: CWE-248: Uncaught Exception
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/open-telemetry/opentelemetry-js/security/advisories/GHSA-45rx-2jwx-cxfr
x_refsource_CONFIRM
https://github.com/open-telemetry/opentelemetry-js/commit/b1c196d49d54caae59741cca0a9d57d101d7ea88
x_refsource_MISC
https://github.com/open-telemetry/opentelemetry-js/releases/tag/v2.9.0
x_refsource_MISC
Hyperlink: https://github.com/open-telemetry/opentelemetry-js/security/advisories/GHSA-45rx-2jwx-cxfr
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/open-telemetry/opentelemetry-js/commit/b1c196d49d54caae59741cca0a9d57d101d7ea88
Resource:
x_refsource_MISC
Hyperlink: https://github.com/open-telemetry/opentelemetry-js/releases/tag/v2.9.0
Resource:
x_refsource_MISC
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/open-telemetry/opentelemetry-js/security/advisories/GHSA-45rx-2jwx-cxfr
exploit
Hyperlink: https://github.com/open-telemetry/opentelemetry-js/security/advisories/GHSA-45rx-2jwx-cxfr
Resource:
exploit
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:08 Jul, 2026 | 17:17
Updated At:08 Jul, 2026 | 20:16

OpenTelemetry JavaScript is the OpenTelemetry JavaScript client. Prior to 2.9.0, @opentelemetry/propagator-jaeger decodes incoming uber-trace-id and uberctx-* HTTP header values with decodeURIComponent() without handling decode errors, allowing an unauthenticated remote attacker to send a malformed percent-encoded value that throws an uncaught URIError and terminates a Node.js process using JaegerPropagator as the active propagator. This issue is fixed in version 2.9.0.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
N/A
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-248Secondarysecurity-advisories@github.com
CWE ID: CWE-248
Type: Secondary
Source: security-advisories@github.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/open-telemetry/opentelemetry-js/commit/b1c196d49d54caae59741cca0a9d57d101d7ea88security-advisories@github.com
N/A
https://github.com/open-telemetry/opentelemetry-js/releases/tag/v2.9.0security-advisories@github.com
N/A
https://github.com/open-telemetry/opentelemetry-js/security/advisories/GHSA-45rx-2jwx-cxfrsecurity-advisories@github.com
N/A
https://github.com/open-telemetry/opentelemetry-js/security/advisories/GHSA-45rx-2jwx-cxfr134c704f-9b21-4f2e-91b3-4a467353bcc0
N/A
Hyperlink: https://github.com/open-telemetry/opentelemetry-js/commit/b1c196d49d54caae59741cca0a9d57d101d7ea88
Source: security-advisories@github.com
Resource: N/A
Hyperlink: https://github.com/open-telemetry/opentelemetry-js/releases/tag/v2.9.0
Source: security-advisories@github.com
Resource: N/A
Hyperlink: https://github.com/open-telemetry/opentelemetry-js/security/advisories/GHSA-45rx-2jwx-cxfr
Source: security-advisories@github.com
Resource: N/A
Hyperlink: https://github.com/open-telemetry/opentelemetry-js/security/advisories/GHSA-45rx-2jwx-cxfr
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

107Records found

CVE-2026-45685
Matching Score-10
Assigner-GitHub, Inc.
ShareView Details
Matching Score-10
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.46% / 37.21%
||
7 Day CHG~0.00%
Published-02 Jun, 2026 | 15:25
Updated-03 Jun, 2026 | 16:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenTelemetry eBPF Instrumentation: MongoDB parser panics on malformed wire messages

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.1.0 to before version 0.9.0, malformed MongoDB wire messages can trigger uncaught panics in the MongoDB TCP parser, allowing a remote unauthenticated attacker to crash the telemetry agent and cause a denial of service. The parser operates on raw attacker-controlled network payloads before the input is fully validated, so a single crafted message can terminate telemetry collection for the affected process or node. This issue has been patched in version 0.9.0.

Action-Not Available
Vendor-opentelemetryopen-telemetry
Product-ebpf_instrumentationopentelemetry-ebpf-instrumentation
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-248
Uncaught Exception
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2023-45142
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-1.36% / 68.68%
||
7 Day CHG~0.00%
Published-12 Oct, 2023 | 16:33
Updated-13 Feb, 2025 | 17:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenTelemetry-Go Contrib has DoS vulnerability in otelhttp due to unbound cardinality metrics

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. A handler wrapper out of the box adds labels `http.user_agent` and `http.method` that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent to it. HTTP header User-Agent or HTTP method for requests can be easily set by an attacker to be random and long. The library internally uses `httpconv.ServerRequest` that records every value for HTTP `method` and `User-Agent`. In order to be affected, a program has to use the `otelhttp.NewHandler` wrapper and not filter any unknown HTTP methods or User agents on the level of CDN, LB, previous middleware, etc. Version 0.44.0 fixed this issue when the values collected for attribute `http.request.method` were changed to be restricted to a set of well-known values and other high cardinality attributes were removed. As a workaround to stop being affected, `otelhttp.WithFilter()` can be used, but it requires manual careful configuration to not log certain requests entirely. For convenience and safe usage of this library, it should by default mark with the label `unknown` non-standard HTTP methods and User agents to show that such requests were made but do not increase cardinality. In case someone wants to stay with the current behavior, library API should allow to enable it.

Action-Not Available
Vendor-opentelemetryopen-telemetry
Product-opentelemetryopentelemetry-go-contrib
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-54712
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.26% / 17.81%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 21:17
Updated-06 Jul, 2026 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenTelemetry Javaagent RMI context propagation allows resource exhaustion

OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. In versions prior to 2.27.0, the RMI context propagation payload reader limits the number of context entries but does not limit the aggregate size of the strings read from the stream. An attacker who can reach an RMI endpoint on an instrumented JVM can send an oversized context propagation payload. This can cause excessive memory allocation while the JVM reads the payload, potentially leading to denial of service. The issue affects only deployments where RMI instrumentation is enabled and an RMI endpoint is network-reachable. This issue has been fixed in version 2.27.0.

Action-Not Available
Vendor-open-telemetryThe Linux Foundation
Product-opentelemetry_instrumentation_for_javaopentelemetry-java-instrumentation
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-27513
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.47% / 37.54%
||
7 Day CHG~0.00%
Published-05 Mar, 2025 | 18:12
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenTelemetry .NET has a Denial of Service (DoS) Vulnerability in API Package

OpenTelemetry dotnet is a dotnet telemetry framework. A vulnerability in OpenTelemetry.Api package 1.10.0 to 1.11.1 could cause a Denial of Service (DoS) when a tracestate and traceparent header is received. Even if an application does not explicitly use trace context propagation, receiving these headers can still trigger high CPU usage. This issue impacts any application accessible over the web or backend services that process HTTP requests containing a tracestate header. Application may experience excessive resource consumption, leading to increased latency, degraded performance, or downtime. This vulnerability is fixed in 1.11.2.

Action-Not Available
Vendor-open-telemetry
Product-opentelemetry-dotnet
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2023-43810
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.69% / 48.48%
||
7 Day CHG~0.00%
Published-06 Oct, 2023 | 13:53
Updated-19 Sep, 2024 | 18:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
opentelemetry-instrumentation Denial of Service vulnerability due to unbound cardinality metrics

OpenTelemetry, also known as OTel for short, is a vendor-neutral open-source Observability framework for instrumenting, generating, collecting, and exporting telemetry data such as traces, metrics, logs. Autoinstrumentation out of the box adds the label `http_method` that has unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent. HTTP method for requests can be easily set by an attacker to be random and long. In order to be affected program has to be instrumented for HTTP handlers and does not filter any unknown HTTP methods on the level of CDN, LB, previous middleware, etc. This issue has been patched in version 0.41b0.

Action-Not Available
Vendor-opentelemetryopen-telemetry
Product-opentelemetryopentelemetry-python-contrib
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-45680
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.32% / 23.94%
||
7 Day CHG~0.00%
Published-02 Jun, 2026 | 15:24
Updated-03 Jun, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenTelemetry eBPF Instrumentation: Unbounded BPF internal metrics replay can exhaust CPU

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI replays BPF probe hits into histogram observations by looping once per recorded run count. On busy systems, the run-count delta can become very large, causing the metrics exporter to spend excessive CPU time in a tight loop every collection interval. This issue has been patched in version 0.9.0.

Action-Not Available
Vendor-opentelemetryopen-telemetry
Product-ebpf_instrumentationopentelemetry-ebpf-instrumentation
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-834
Excessive Iteration
CVE-2026-45678
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.34% / 26.38%
||
7 Day CHG~0.00%
Published-02 Jun, 2026 | 15:24
Updated-03 Jun, 2026 | 16:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenTelemetry eBPF Instrumentation: Postgres BIND parsing can panic on malformed payloads

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Postgres protocol parser assumes BIND message payloads contain a valid NUL-terminated portal name. A crafted empty or unterminated payload can make OBI slice beyond the end of the captured buffer and panic. This issue has been patched in version 0.9.0.

Action-Not Available
Vendor-opentelemetryopen-telemetry
Product-ebpf_instrumentationopentelemetry-ebpf-instrumentation
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2026-44902
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.46% / 36.68%
||
7 Day CHG~0.00%
Published-27 May, 2026 | 14:49
Updated-29 May, 2026 | 15:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
opentelemetry-js: Prometheus exporter process crash via malformed HTTP request

opentelemetry-js is the OpenTelemetry JavaScript Client. Prior to 0.217.0, a single malformed HTTP request crashes any Node.js process running the OpenTelemetry JS Prometheus exporter. The metrics endpoint (default 0.0.0.0:9464) has no error handling around URL parsing, so a request with an invalid URI causes an uncaught TypeError that terminates the process. This vulnerability is fixed in 0.217.0.

Action-Not Available
Vendor-@opentelemetryopen-telemetry
Product-auto-instrumentations-nodesdk-nodeexporter-prometheusopentelemetry-js
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2026-45686
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.35% / 27.66%
||
7 Day CHG~0.00%
Published-02 Jun, 2026 | 15:25
Updated-03 Jun, 2026 | 16:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenTelemetry eBPF Instrumentation: Memcached payload length overflow can crash OBI

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, a remotely reachable integer overflow in OBI's memcached text protocol parser can crash the OBI process and cause denial of service. When parsing memcached storage commands such as set, add, replace, append, prepend, or cas, OBI accepts extremely large <bytes> values and adds the payload delimiter length without checking for overflow. A crafted request with <bytes> set to math.MaxInt or math.MaxInt-1 causes the computed payload length to wrap negative and triggers a runtime panic in LargeBufferReader.Peek. This issue has been patched in version 0.9.0.

Action-Not Available
Vendor-opentelemetryopen-telemetry
Product-ebpf_instrumentationopentelemetry-ebpf-instrumentation
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2026-45292
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.79% / 52.19%
||
7 Day CHG~0.00%
Published-28 May, 2026 | 16:37
Updated-17 Jul, 2026 | 13:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
opentelemetry-java: Unbounded Memory Allocation in W3C Baggage Propagation

opentelemetry-java is the Java implementation of the OpenTelemetry API for recording telemetry, and SDK for managing telemetry recorded by the API. Prior to 1.62.0, a vulnerability affects the baggage propagation implementation in opentelemetry-api and opentelemetry-extension-trace-propagators. Parsing oversized baggage causes unbounded memory allocation and CPU consumption. Because baggage is automatically re-injected into every outgoing request, the effect can fan out to downstream services that never received the original malicious request. This vulnerability is fixed in 1.62.0.

Action-Not Available
Vendor-io.opentelemetryopen-telemetryRed Hat, Inc.
Product-opentelemetry-javaopentelemetry-extension-trace-propagatorsopentelemetry-apiRed Hat AI Inference ServerRed Hat Quay 3Red Hat Offline Knowledge Portal 1.2.7Migration Toolkit for ContainersRed Hat JBoss Enterprise Application Platform Expansion PackRed Hat Enterprise Linux AI (RHEL AI) 3Red Hat Data Grid 8Red Hat Ansible Automation Platform 2Red Hat 3scale API Management Platform 2OpenShift ServerlessRed Hat Satellite 6Exploit IntelligenceMigration Toolkit for Applications 8OpenShift LightspeedRed Hat OpenShift Dev Spaces 3.29Red Hat OpenShift AI (RHOAI)
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-42348
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.31% / 23.15%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 18:01
Updated-27 May, 2026 | 15:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpAMP client reads unbounded HTTP response bodies

OpenTelemetry.OpAmp.Client is the OpAMP client for OpenTelemetry .NET. Prior to 0.2.0-alpha.1, when receiving responses from the OpAMP server over HTTP, the OpAMP client allocates an unbounded buffer to read all bytes from the server, with no upper-bound on the number of bytes consumed. This could cause memory exhaustion in the consuming application if the configured OpAMP server is attacker-controlled (or a network attacker can MitM the connection) and an extremely large body is returned in the response. This vulnerability is fixed in 0.2.0-alpha.1.

Action-Not Available
Vendor-opentelemetryopen-telemetry
Product-opentelemetry.opamp.clientopentelemetry-dotnet-contrib
CWE ID-CWE-789
Memory Allocation with Excessive Size Value
CVE-2023-25151
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.97% / 58.08%
||
7 Day CHG~0.00%
Published-08 Feb, 2023 | 19:21
Updated-10 Mar, 2025 | 21:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DoS vulnerability for high cardinality metrics in opentelemetry-go-contrib

opentelemetry-go-contrib is a collection of extensions for OpenTelemetry-Go. The v0.38.0 release of `go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp` uses the `httpconv.ServerRequest` function to annotate metric measurements for the `http.server.request_content_length`, `http.server.response_content_length`, and `http.server.duration` instruments. The `ServerRequest` function sets the `http.target` attribute value to be the whole request URI (including the query string)[^1]. The metric instruments do not "forget" previous measurement attributes when `cumulative` temporality is used, this means the cardinality of the measurements allocated is directly correlated with the unique URIs handled. If the query string is constantly random, this will result in a constant increase in memory allocation that can be used in a denial-of-service attack. This issue has been addressed in version 0.39.0. Users are advised to upgrade. There are no known workarounds for this issue.

Action-Not Available
Vendor-open-telemetryThe Linux Foundation
Product-opentelemetry-go_contribopentelemetry-go-contrib
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2026-29181
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.43% / 35.30%
||
7 Day CHG~0.00%
Published-07 Apr, 2026 | 20:29
Updated-16 Jul, 2026 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenTelemetry-Go multi-value `baggage` header extraction causes excessive allocations (remote dos amplification)

OpenTelemetry-Go is the Go implementation of OpenTelemetry. From 1.36.0 to 1.40.0, multi-value baggage: header extraction parses each header field-value independently and aggregates members across values. This allows an attacker to amplify cpu and allocations by sending many baggage: header lines, even when each individual value is within the 8192-byte per-value parse limit. This vulnerability is fixed in 1.41.0.

Action-Not Available
Vendor-opentelemetryopen-telemetryRed Hat, Inc.
Product-opentelemetryopentelemetry-goMulticluster Engine for KubernetesRed Hat Advanced Cluster Management for Kubernetes 2multicluster engine for Kubernetes 2.11
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2024-36129
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-8.2||HIGH
EPSS-0.99% / 58.69%
||
7 Day CHG~0.00%
Published-05 Jun, 2024 | 17:26
Updated-02 Aug, 2024 | 03:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenTelemetry Collector has a Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC

The OpenTelemetry Collector offers a vendor-agnostic implementation on how to receive, process and export telemetry data. An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption. OTel Collector version 0.102.1 fixes this issue. It is also fixed in the confighttp module version 0.102.0 and configgrpc module version 0.102.1.

Action-Not Available
Vendor-opentelemetryopen-telemetryopentelemetry
Product-opentelemetry_collectorconfighttpconfiggrpcopentelemetry-collectoropentelemetry
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-47108
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-1.59% / 72.95%
||
7 Day CHG~0.00%
Published-10 Nov, 2023 | 18:31
Updated-28 Oct, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DoS vulnerability in otelgrpc (uncontrolled resource consumption) due to unbound cardinality metrics

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels `net.peer.sock.addr` and `net.peer.sock.port` that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent. An attacker can easily flood the peer address and port for requests. Version 0.46.0 contains a fix for this issue. As a workaround to stop being affected, a view removing the attributes can be used. The other possibility is to disable grpc metrics instrumentation by passing `otelgrpc.WithMeterProvider` option with `noop.NewMeterProvider`.

Action-Not Available
Vendor-opentelemetryopen-telemetry
Product-opentelemetryopentelemetry-go-contrib
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2026-45676
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.16% / 5.77%
||
7 Day CHG~0.00%
Published-02 Jun, 2026 | 15:23
Updated-03 Jun, 2026 | 16:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenTelemetry eBPF Instrumentation: Unsafe fastelf parsing allows malformed ELF to crash agent

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI's replacement ELF parser trusts section offsets, counts, and string offsets from the executable file. A crafted local ELF can make OBI dereference invalid section pointers or slice past string tables, causing the agent to panic while determining the process language. This issue has been patched in version 0.9.0.

Action-Not Available
Vendor-opentelemetryopen-telemetry
Product-ebpf_instrumentationopentelemetry-ebpf-instrumentation
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-248
Uncaught Exception
CVE-2024-58368
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.7||HIGH
EPSS-Not Assigned
Published-18 Jul, 2026 | 13:10
Updated-18 Jul, 2026 | 14:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SurrealDB before 1.1.0 Denial of Service via HTTP Headers

SurrealDB versions before 1.1.0 fail to properly parse the ID, DB, and NS headers in HTTP REST API requests containing special characters. Unauthenticated attackers can send crafted HTTP requests with malformed header values to trigger an uncaught exception that crashes the server.

Action-Not Available
Vendor-surrealdb
Product-surrealdb
CWE ID-CWE-248
Uncaught Exception
CVE-2024-3051
Matching Score-4
Assigner-Silicon Labs
ShareView Details
Matching Score-4
Assigner-Silicon Labs
CVSS Score-7.5||HIGH
EPSS-0.48% / 38.05%
||
7 Day CHG~0.00%
Published-26 Apr, 2024 | 21:26
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Z/IP Gateway Device Reset Locally Denial of Service Vulnerability

Malformed Device Reset Locally command classes can be sent to temporarily deny service to an end device. Any frames sent by the end device will not be acknowledged by the gateway during this time.

Action-Not Available
Vendor-silabs.comsilabs
Product-Z/IP Gateway SDKz\/ip_gateway_sdk
CWE ID-CWE-248
Uncaught Exception
CWE ID-CWE-419
Unprotected Primary Channel
CVE-2023-23932
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.74% / 50.39%
||
7 Day CHG~0.00%
Published-03 Feb, 2023 | 20:08
Updated-10 Mar, 2025 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Specially crafted RTPS message may cause an OpenDDS application to crash

OpenDDS is an open source C++ implementation of the Object Management Group (OMG) Data Distribution Service (DDS). OpenDDS applications that are exposed to untrusted RTPS network traffic may crash when parsing badly-formed input. This issue has been patched in version 3.23.1.

Action-Not Available
Vendor-objectcomputingOpenDDS
Product-openddsOpenDDS
CWE ID-CWE-248
Uncaught Exception
CVE-2023-22477
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-1.06% / 60.62%
||
7 Day CHG~0.00%
Published-09 Jan, 2023 | 14:12
Updated-10 Mar, 2025 | 21:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mercurius is vulnerable to denial of service (DoS) when using subscriptions

Mercurius is a GraphQL adapter for Fastify. Any users of Mercurius until version 10.5.0 are subjected to a denial of service attack by sending a malformed packet over WebSocket to `/graphql`. This issue was patched in #940. As a workaround, users can disable subscriptions.

Action-Not Available
Vendor-mercurius_projectmercurius-js
Product-mercuriusmercurius
CWE ID-CWE-248
Uncaught Exception
CVE-2024-23325
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.75% / 50.85%
||
7 Day CHG~0.00%
Published-09 Feb, 2024 | 22:47
Updated-27 Aug, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Envoy crashes when using an address type that isn’t supported by the OS

Envoy is a high-performance edge/middle/service proxy. Envoy crashes in Proxy protocol when using an address type that isn’t supported by the OS. Envoy is susceptible to crashing on a host with IPv6 disabled and a listener config with proxy protocol enabled when it receives a request where the client presents its IPv6 address. It is valid for a client to present its IPv6 address to a target server even though the whole chain is connected via IPv4. This issue has been addressed in released 1.29.1, 1.28.1, 1.27.3, and 1.26.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Action-Not Available
Vendor-envoyproxyenvoyproxyenvoyproxy
Product-envoyenvoyenvoy
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CWE ID-CWE-248
Uncaught Exception
CVE-2023-22941
Matching Score-4
Assigner-Splunk Inc.
ShareView Details
Matching Score-4
Assigner-Splunk Inc.
CVSS Score-6.5||MEDIUM
EPSS-1.03% / 59.76%
||
7 Day CHG~0.00%
Published-14 Feb, 2023 | 17:22
Updated-28 Feb, 2025 | 11:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improperly Formatted ‘INGEST_EVAL’ Parameter Crashes Splunk Daemon

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ‘INGEST_EVAL’ parameter in a Field Transformation crashes the Splunk daemon (splunkd).

Action-Not Available
Vendor-Splunk LLC (Cisco Systems, Inc.)
Product-splunksplunk_cloud_platformSplunk Cloud PlatformSplunk Enterprise
CWE ID-CWE-248
Uncaught Exception
CVE-2023-2251
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.5||HIGH
EPSS-1.09% / 61.70%
||
7 Day CHG~0.00%
Published-24 Apr, 2023 | 00:00
Updated-04 Feb, 2025 | 17:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Uncaught Exception in eemeli/yaml

Uncaught Exception in GitHub repository eemeli/yaml prior to 2.0.0-5.

Action-Not Available
Vendor-yaml_projecteemeli
Product-yamleemeli/yaml
CWE ID-CWE-248
Uncaught Exception
CVE-2024-20137
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-1.22% / 65.38%
||
7 Day CHG~0.00%
Published-02 Dec, 2024 | 03:07
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan driver, there is a possible client disconnection due to improper handling of exceptional conditions. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00384543; Issue ID: MSV-1727.

Action-Not Available
Vendor-MediaTek Inc.
Product-MT6890, MT7622, MT7915, MT7916, MT7981, MT7986mt7981mt6890mt7986mt7916mt7622mt7915
CWE ID-CWE-248
Uncaught Exception
CVE-2026-8161
Matching Score-4
Assigner-ce714d77-add3-4f53-aff5-83d477b104bb
ShareView Details
Matching Score-4
Assigner-ce714d77-add3-4f53-aff5-83d477b104bb
CVSS Score-7.5||HIGH
EPSS-0.47% / 37.87%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 08:50
Updated-12 May, 2026 | 15:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
multiparty vulnerable to Denial of Service via Prototype Pollution leading to Uncaught Exception

multiparty@4.2.3 and lower versions are vulnerable to denial of service via uncaught exception. By sending a multipart/form-data request with a field name that collides with an inherited Object.prototype property such as __proto__, constructor, or toString, the parser invokes .push() on the inherited prototype value rather than an array, throwing a TypeError that propagates as an uncaught exception and crashes the process. Impact: any service accepting multipart uploads via multiparty is affected. Workarounds: none. Upgrade to multiparty@4.3.0 or higher.

Action-Not Available
Vendor-multiparty
Product-multiparty
CWE ID-CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE ID-CWE-248
Uncaught Exception
CVE-2024-11738
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.71% / 49.30%
||
7 Day CHG~0.00%
Published-06 Dec, 2024 | 14:54
Updated-20 Nov, 2025 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rustls: rustls network-reachable panic in `acceptor::accept`

A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service (panic) via a fragmented TLS ClientHello message.

Action-Not Available
Vendor-rustls_projectRed Hat, Inc.
Product-rustlsRed Hat Trusted Artifact Signer
CWE ID-CWE-248
Uncaught Exception
CVE-2020-15796
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-1.59% / 72.92%
||
7 Day CHG~0.00%
Published-14 Dec, 2020 | 21:05
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC ET 200SP Open Controller (incl. SIPLUS variants) (V20.8), SIMATIC S7-1500 Software Controller (V20.8). The web server of the affected products contains a vulnerability that could allow a remote attacker to trigger a denial-of-service condition by sending a specially crafted HTTP request.

Action-Not Available
Vendor-Siemens AG
Product-simatic_et_200sp_open_controllersimatic_et_200sp_open_controller_firmwaresimatic_s7-1500_software_controller_firmwaresimatic_s7-1500_software_controllerSIMATIC ET 200SP Open Controller (incl. SIPLUS variants)SIMATIC S7-1500 Software Controller
CWE ID-CWE-248
Uncaught Exception
CVE-2026-58208
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.59% / 44.40%
||
7 Day CHG~0.00%
Published-08 Jul, 2026 | 20:17
Updated-09 Jul, 2026 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NATS Server: MQTT-over-WebSocket Path Can Crash WebSocket-Only JetStream Servers Before MQTT Is Enabled

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a WebSocket listener could route requests for the MQTT-over-WebSocket path into MQTT handling even when MQTT was not configured, allowing an unauthenticated client with access to the WebSocket listener to reach uninitialized MQTT state and crash the server process. This issue is fixed in versions 2.14.3 and 2.12.12.

Action-Not Available
Vendor-nats-ioThe Linux Foundation
Product-nats-servernats-server
CWE ID-CWE-248
Uncaught Exception
CVE-2021-33010
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.5||HIGH
EPSS-1.03% / 59.77%
||
7 Day CHG~0.00%
Published-04 Apr, 2022 | 19:45
Updated-16 Apr, 2025 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
AVEVA System Platform Uncaught Exception

An exception is thrown from a function in AVEVA System Platform versions 2017 through 2020 R2 P01, but it is not caught, which may cause a denial-of-service condition.

Action-Not Available
Vendor-AVEVA
Product-system_platformAVEVA System Platform
CWE ID-CWE-248
Uncaught Exception
CVE-2023-39948
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.89% / 55.42%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 13:51
Updated-13 Feb, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Uncaught fastcdr exception (Unexpected CDR type received) crashing fastdds

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0 and 2.6.5, the `BadParamException` thrown by Fast CDR is not caught in Fast DDS. This can remotely crash any Fast DDS process. Versions 2.10.0 and 2.6.5 contain a patch for this issue.

Action-Not Available
Vendor-eprosimaeProsimaDebian GNU/Linux
Product-fast_ddsdebian_linuxFast-DDS
CWE ID-CWE-248
Uncaught Exception
CVE-2025-55553
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.38% / 30.32%
||
7 Day CHG~0.00%
Published-25 Sep, 2025 | 00:00
Updated-03 Oct, 2025 | 18:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A syntax error in the component proxy_tensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service (DoS).

Action-Not Available
Vendor-n/aThe Linux Foundation
Product-pytorchn/a
CWE ID-CWE-248
Uncaught Exception
CVE-2023-5038
Matching Score-4
Assigner-Hanwha Vision Co., Ltd.
ShareView Details
Matching Score-4
Assigner-Hanwha Vision Co., Ltd.
CVSS Score-8.7||HIGH
EPSS-0.42% / 33.89%
||
7 Day CHG~0.00%
Published-25 Jun, 2024 | 02:14
Updated-02 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated DoS

badmonkey, a Security Researcher has found a flaw that allows for a unauthenticated DoS attack on the camera. An attacker runs a crafted URL, nobody can access the web management page of the camera. and must manually restart the device or re-power it. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.

Action-Not Available
Vendor-hanwhavisionHanwha Vision Co., Ltd.hanwhavision
Product-xnv-9083rzxnp-8250rxnf-9010rvm_firmwarexnd-8082rf_firmwarelno-6012rxnp-6400rxnv-8082rlnd-6072r_firmwarexnv-8082r_firmwarexnp-6400rwqnv-6082rqnv-6082r1_firmwarexno-9083r_firmwarelno-6022rxnp-8250qnv-6024rmqnd-8080r_firmwareqnv-6084rlno-6022r_firmwareqnv-7022r_firmwarexnd-6083rvqno-7012rxnv-6083r_firmwareqnd-6072r1_firmwarexnp-6400rw_firmwarexnv-8093r_firmwarepnm-c9022rvqnv-6082r1qnd-8021_firmwareqnv-6032r1xnv-8083zxno-6083rano-l6022r_firmwareqnb-8002_firmwareqno-8020rxnp-9300rw_firmwareqnd-7032rxnp-c8303rw_firmwarexnv-c7083rqnd-6012r_firmwarexno-9082rxnp-9250_firmwarepnm-7002vdqnd-6073r_firmwarexno-6123r_firmwarexnv-6083rqno-6022r1xnf-9010rv_firmwareqnv-6022r_firmwareqnd-6082r1pnm-9000qbqnd-6083rxno-9083rqno-6032rqnd-7032r_firmwarexnd-8082rv_firmwareqnd-6082r_firmwarexnd-c6083rvxno-c9083rxnd-9082rvpnm-9031rvxnv-8083z_firmwareqnv-7082r_firmwarexnp-c9253_firmwarexno-9082r_firmwareqnv-8030rtnv-c7013rcpnm-9084rqz1_firmwarexno-8082rqnv-6032rqnd-8020r_firmwarexnd-9082rf_firmwarexno-8082r_firmwareqno-6073r_firmwareanv-l6082r_firmwareqnd-6012r1_firmwarelnv-6032rxnv-6083zlnv-6072r_firmwareano-l7022r_firmwarexnv-9083rqnv-6032r_firmwareqnv-6032r1_firmwarexnd-8093rv_firmwarexnv-c6083_firmwareqno-6022rane-l7012r_firmwarexnf-9010rvxnv-8083rz_firmwareqnd-8030rqno-6082rtnv-c7013rc_firmwarepnm-9085rqzqno-6084rano-l7012rqnv-8020r_firmwareqno-6072rqno-7032rqnv-8010rqno-7082rqno-6012r_firmwareqno-6012rxnb-9003xnp-c6403r_firmwarexnp-c6403rwxnp-9300rwxnv-c9083r_firmwarexnb-8002qne-8021r_firmwareqnd-7012rpnm-12082rvd_firmwarelnv-6032r_firmwareqno-6032r_firmwarexnd-9082rfqno-6082r_firmwareqnv-8080r_firmwareqno-6084r_firmwarexnd-8082rfpnm-9085rqz1_firmwarepnm-9084qz_firmwareqno-7032r_firmwarepnm-9084qz1ano-l6012rxnv-9082rlnd-6072rqnv-7012r_firmwareane-l6012r_firmwarexno-6123rxnd-8082rvpnm-9000qb_firmwarexnp-c9310r_firmwarelnv-6072rqnd-6012r1xnd-8093rvqnd-8030r_firmwareanv-l6012ranv-l7012rqnd-6011qnd-8020rqno-6073rqno-6072r1_firmwarepnm-9084qz1_firmwareqne-8021rxnb-6003_firmwarexno-6083r_firmwareqno-8020r_firmwareqnd-6073rqnv-7032r_firmwareqnd-8010r_firmwareanv-l6082rpnm-9085rqz_firmwareqno-8030rlnd-6012r_firmwarexnp-8300rw_firmwareanv-l7012r_firmwareqnv-6012r1xnp-c6403rw_firmwarexnp-c8253rxnb-9002_firmwarexnp-c8253r_firmwarexnf-9013rvxnv-8083r_firmwareqnd-6022rqnd-6011_firmwareano-l7012r_firmwarexnp-c9303rwqnd-6022r_firmwarexnd-9083rv_firmwarexnb-6003qnv-8080rqnd-6072r1qnv-6023rqnd-6082ranv-l6023r_firmwareqnd-6072rlno-6072rxnd-c9083rvqnd-6022r1pnm-9084rqz1qnv-6083r_firmwarexnv-6083rz_firmwareano-l6082r_firmwareqnv-6012r1_firmwareqno-6072r_firmwarelno-6032r_firmwareano-l6022rqnd-6032r1_firmwarexnv-9082r_firmwarexnf-9010rspnm-9031rv_firmwarepnm-9085rqz1qnd-6082r1_firmwareano-l7082rqnv-6082r_firmwareane-l6012rqnv-6012rqnd-6021_firmwarexnd-c6083rv_firmwarelnd-6012rlnv-6012rxnd-6083rv_firmwarexnp-c8253_firmwareqnd-7082r_firmwareqno-6082r1_firmwareqno-8080r_firmwarexnv-6083rzqnd-7022rqnv-6084r_firmwareqno-6083rqno-8010rpnm-c9022rv_firmwarepnm-9084rqz_firmwareqnv-6014rxnp-c9253anv-l6012r_firmwarexnd-8083rv_firmwareqnv-6022r1_firmwareqno-7082r_firmwarexnv-6123r_firmwareqno-6014r_firmwarexnb-6002_firmwareqnv-6073r_firmwarexnp-8250_firmwareqnv-6073rpnm-7082rvd_firmwareqno-6032r1qno-8030r_firmwareqnd-6032r1lnd-6022r_firmwarexnp-6400_firmwareqnd-6021xnp-c6403rqnv-7082rqnv-6072r1_firmwareanv-l7082r_firmwarelno-6032rxno-c8083r_firmwarexnp-6400r_firmwarepnm-9322vqpxno-c6083r_firmwarexno-c7083r_firmwareano-l6082rqnv-6014r_firmwareano-l6012r_firmwarepnm-12082rvdxnp-9250xnb-8003_firmwarexnp-c6403_firmwareanv-l6023rxnb-6002xnp-c6403ano-l7022rpnm-7082rvdxnf-9010rvmxnv-9083rz_firmwarexnb-8002_firmwareqnv-6023r_firmwareqnd-8021xnd-c9083rv_firmwarexnv-c6083r_firmwarexnv-8083rqno-6022r1_firmwarexno-c8083rqnd-6083r_firmwarelnv-6022r_firmwareqnv-6024rm_firmwareqnd-7022r_firmwarexnp-9250rqno-7022rxnd-c7083rvxnd-c8083rv_firmwarepnm-8082vtxnp-c9310rpnm-9002vqqnv-6072r1xnp-c9253rxnd-9083rvxnv-c6083rqno-6072r1ano-l7082r_firmwarexnf-9013rv_firmwareqnv-8010r_firmwarexnb-9003_firmwarexnv-c9083rpnm-9022v_firmwareqnv-7012rxnp-9250r_firmwareqnd-6072r_firmwareqno-7022r_firmwarexnv-c8083rxnp-6400qno-7012r_firmwareqnd-6032rpnm-8082vt_firmwarexnv-6123rxnb-9002xnp-c9303rw_firmwarexnf-9010rs_firmwarelno-6012r_firmwarexnb-8003qnb-8002qnd-8080rxnp-c8253qnv-6022r1lnd-6032r_firmwareqnd-8010rxnd-9082rv_firmwarepnm-9322vqp_firmwarelnv-6022rxno-c9083r_firmwareqno-8080rqnd-6032r_firmwareqno-6014rxnv-c8083r_firmwarepnm-9084rqzqnv-6072r_firmwareqno-6083r_firmwareqnd-7012r_firmwarexno-8083r_firmwareqnd-7082rqnv-8020rqno-8010r_firmwareqnv-7022rxnv-6083z_firmwareqnd-8011_firmwarexnp-8300rwxnd-c7083rv_firmwareanv-l7082rqnd-8011xnd-8083rvxnp-c9253r_firmwareqno-6022r_firmwareqne-8011rxnv-c7083r_firmwareane-l7012rxno-c7083rxnv-9083r_firmwareqno-6032r1_firmwarexnp-8250r_firmwareqno-6012r1lno-6072r_firmwareqne-8011r_firmwarexno-8083rqnd-6022r1_firmwarepnm-7002vd_firmwarelnv-6012r_firmwareqnv-6022rqno-6012r1_firmwareqnd-6012rqnv-6012r_firmwarexno-c6083rqnv-6072rqnv-7032rqnv-6083rqno-6082r1pnm-9002vq_firmwarexnv-8093rxnv-8083rzpnm-9084qzxnd-c8083rvlnd-6022rqnv-8030r_firmwarexnp-c8303rwlnd-6032rxnv-c6083pnm-9022vA-Series, Q-Series, PNM-series Camerapnm-9322vqppnm-9085rqzlnd-6012rlnv-6012rano-l6082rpnm-12082rvdane-l7012rpnm-9000qblno-6012rano-l7012rqnd-6032rano-l7022rpnm-7082rvdqnd-6022rpnm-9031rvlno-6022rlnv-6022rqnd-6012ranv-l6082rpnm-9084qz1ano-l6012rpnm-8082vtlno-6072rlno-6032rlnv-6032rlnd-6072rpnm-c9022rvpnm-9084rqzpnm-9084qzpnm-9084rqz1lnv-6072rpnm-9002vqanv-l6012ranv-l7012rqnd-6011lnd-6022rano-l6022rlnd-6032rpnm-9085rqz1qnd-6021anv-l7082rano-l7082rpnm-9022vpnm-7002vdane-l6012r
CWE ID-CWE-248
Uncaught Exception
CWE ID-CWE-703
Improper Check or Handling of Exceptional Conditions
CVE-2025-3083
Matching Score-4
Assigner-MongoDB, Inc.
ShareView Details
Matching Score-4
Assigner-MongoDB, Inc.
CVSS Score-7.5||HIGH
EPSS-0.41% / 33.59%
||
7 Day CHG~0.00%
Published-01 Apr, 2025 | 11:12
Updated-01 Apr, 2025 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Malformed MongoDB wire protocol messages may cause mongos to crash

Specifically crafted MongoDB wire protocol messages can cause mongos to crash during command validation. This can occur without using an authenticated connection. This issue affects MongoDB v5.0 versions prior to 5.0.31,  MongoDB v6.0 versions prior to 6.0.20 and MongoDB v7.0 versions prior to 7.0.16

Action-Not Available
Vendor-MongoDB, Inc.
Product-MongoDB Server
CWE ID-CWE-248
Uncaught Exception
CVE-2023-4785
Matching Score-4
Assigner-Google LLC
ShareView Details
Matching Score-4
Assigner-Google LLC
CVSS Score-7.5||HIGH
EPSS-0.67% / 47.69%
||
7 Day CHG~0.00%
Published-13 Sep, 2023 | 16:31
Updated-12 Jan, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of Service in gRPC Core

Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible platforms (ex. Linux) allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++ Python, and Ruby are affected, but gRPC Java, and Go are NOT affected.

Action-Not Available
Vendor-grpcgrpcGoogle LLC
Product-grpcgRPCgrpc
CWE ID-CWE-248
Uncaught Exception
CVE-2023-46239
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.77% / 51.32%
||
7 Day CHG~0.00%
Published-31 Oct, 2023 | 15:02
Updated-05 Sep, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
quic-go vulnerable to pointer dereference that can lead to panic

quic-go is an implementation of the QUIC protocol in Go. Starting in version 0.37.0 and prior to version 0.37.3, by serializing an ACK frame after the CRYTPO that allows a node to complete the handshake, a remote node could trigger a nil pointer dereference (leading to a panic) when the node attempted to drop the Handshake packet number space. An attacker can bring down a quic-go node with very minimal effort. Completing the QUIC handshake only requires sending and receiving a few packets. Version 0.37.3 contains a patch. Versions before 0.37.0 are not affected.

Action-Not Available
Vendor-quic-go_projectquic-go
Product-quic-goquic-go
CWE ID-CWE-248
Uncaught Exception
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-29785
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.40% / 32.44%
||
7 Day CHG~0.00%
Published-02 Jun, 2025 | 10:44
Updated-02 Jun, 2025 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
quic-go Has Panic in Path Probe Loss Recovery Handling

quic-go is an implementation of the QUIC protocol in Go. The loss recovery logic for path probe packets that was added in the v0.50.0 release can be used to trigger a nil-pointer dereference by a malicious QUIC client. In order to do so, the attacker first sends valid QUIC packets from different remote addresses (thereby triggering the newly added path validation logic: the server sends path probe packets), and then sending ACKs for packets received from the server specifically crafted to trigger the nil-pointer dereference. v0.50.1 contains a patch that fixes the vulnerability. This release contains a test that generates random sequences of sent packets (both regular and path probe packets), that was used to verify that the patch actually covers all corner cases. No known workarounds are available.

Action-Not Available
Vendor-quic-go
Product-quic-go
CWE ID-CWE-248
Uncaught Exception
CVE-2025-35436
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government
CVSS Score-6.9||MEDIUM
EPSS-0.54% / 41.79%
||
7 Day CHG~0.00%
Published-17 Sep, 2025 | 16:53
Updated-19 Dec, 2025 | 12:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CISA Thorium account verification email error handling

CISA Thorium uses '.unwrap()' to handle errors related to account verification email messages. An unauthenticated remote attacker could cause a crash by providing a specially crafted email address or response. Fixed in commit 6a65a27.

Action-Not Available
Vendor-cisaCISA
Product-thoriumThorium
CWE ID-CWE-248
Uncaught Exception
CVE-2023-46135
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.76% / 51.21%
||
7 Day CHG~0.00%
Published-25 Oct, 2023 | 00:38
Updated-10 Sep, 2024 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Panic in SignedPayload::from_payload

rs-stellar-strkey is a Rust lib for encode/decode of Stellar Strkeys. A panic vulnerability occurs when a specially crafted payload is used.`inner_payload_len` should not above 64. This vulnerability has been patched in version 0.0.8.

Action-Not Available
Vendor-stellarstellarstellar
Product-rs-stellar-strkeyrs-stellar-strkeyrs-stellar-strkey
CWE ID-CWE-248
Uncaught Exception
CVE-2026-50328
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-1.21% / 64.85%
||
7 Day CHG~0.00%
Published-14 Jul, 2026 | 17:06
Updated-17 Jul, 2026 | 21:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Server Update Service (WSUS) Tampering Vulnerability

Uncaught exception in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-Windows Server 2012Windows 10 Version 1607Windows Server 2012 R2Windows Server 2019 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2019Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows Server 2022Windows Server 2025 (Server Core installation)Windows Server 2016Windows Server 2012 (Server Core installation)Windows Server 2025
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-248
Uncaught Exception
CVE-2026-48069
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.62% / 45.93%
||
7 Day CHG~0.00%
Published-14 Jul, 2026 | 19:42
Updated-15 Jul, 2026 | 14:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
@grpc/grps-js: An incoming malformed compressed message can cause a client or server crash

@grpc/grps-js implements the core functionality of gRPC purely in JavaScript, without a C++ addon. Prior to 1.9.16, 1.10.12, 1.11.4, 1.12.7, 1.13.5, and 1.14.4, an invalid incoming compressed message can cause a client or server process that uses @grpc/grpc-js to crash. This issue is fixed in versions 1.9.16, 1.10.12, 1.11.4, 1.12.7, 1.13.5, and 1.14.4.

Action-Not Available
Vendor-grpc
Product-grpc-node
CWE ID-CWE-248
Uncaught Exception
CVE-2026-48068
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.62% / 45.93%
||
7 Day CHG~0.00%
Published-14 Jul, 2026 | 19:39
Updated-15 Jul, 2026 | 20:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
@grpc/grps-js: A malformed request can cause a server crash

@grpc/grps-js implements the core functionality of gRPC purely in JavaScript, without a C++ addon. Prior to 1.9.16, 1.10.12, 1.11.4, 1.12.7, 1.13.5, and 1.14.4, an invalid incoming HTTP/2 stream initiation can cause a server process created using @grpc/grpc-js to crash. This issue is fixed in versions 1.9.16, 1.10.12, 1.11.4, 1.12.7, 1.13.5, and 1.14.4.

Action-Not Available
Vendor-grpc
Product-grpc-node
CWE ID-CWE-248
Uncaught Exception
CVE-2023-42444
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.6||HIGH
EPSS-0.69% / 48.80%
||
7 Day CHG~0.00%
Published-19 Sep, 2023 | 14:47
Updated-24 Sep, 2024 | 20:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
phonenumber panics on parsing crafted RF3966 inputs

phonenumber is a library for parsing, formatting and validating international phone numbers. Prior to versions `0.3.3+8.13.9` and `0.2.5+8.11.3`, the phonenumber parsing code may panic due to a panic-guarded out-of-bounds access on the phonenumber string. In a typical deployment of `rust-phonenumber`, this may get triggered by feeding a maliciously crafted phonenumber over the network, specifically the string `.;phone-context=`. Versions `0.3.3+8.13.9` and `0.2.5+8.11.3` contain a patch for this issue. There are no known workarounds.

Action-Not Available
Vendor-whisperfishwhisperfish
Product-phonenumberrust-phonenumber
CWE ID-CWE-392
Missing Report of Error Condition
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input
CWE ID-CWE-248
Uncaught Exception
CVE-2026-46545
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.34% / 26.08%
||
7 Day CHG~0.00%
Published-09 Jun, 2026 | 23:47
Updated-10 Jun, 2026 | 19:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
nimiq-primitives: Panic DoS in trie chunk processing via ROOT-keyed item

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.5.0, a remote, unauthenticated denial-of-service vulnerability in MerkleRadixTrie::put_chunk allows any state-sync peer to crash any node performing state synchronization (freshly joining nodes and recovering nodes). This issue has been patched in version 1.5.0.

Action-Not Available
Vendor-nimiq
Product-core-rs-albatross
CWE ID-CWE-248
Uncaught Exception
CVE-2026-47480
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.5||HIGH
EPSS-0.28% / 19.83%
||
7 Day CHG~0.00%
Published-14 Jul, 2026 | 19:47
Updated-15 Jul, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause an uncaught exception. A successful exploit of this vulnerability might lead to denial of service.

Action-Not Available
Vendor-NVIDIA Corporation
Product-Triton Inference Server
CWE ID-CWE-248
Uncaught Exception
CVE-2023-3966
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.03% / 59.96%
||
7 Day CHG~0.00%
Published-22 Feb, 2024 | 12:15
Updated-16 May, 2025 | 14:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Openvswsitch: ovs-vswitch fails to recover after malformed geneve metadata packet

A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled.

Action-Not Available
Vendor-openvswitchn/aRDOFedora ProjectRed Hat, Inc.
Product-openvswitchfedoraFast Datapath for RHEL 9Red Hat OpenShift Container Platform 3.11openvswitchOpenStack RDOFast Datapath for RHEL 7Red Hat Enterprise Linux 7FedoraFast Datapath for RHEL 8
CWE ID-CWE-248
Uncaught Exception
CVE-2023-39945
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.2||HIGH
EPSS-0.81% / 52.74%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 13:21
Updated-13 Feb, 2025 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Malformed serialized data in a data submessage leads to unhandled exception

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.0, 2.10.2, 2.9.2, and 2.6.5, a data submessage sent to PDP port raises unhandled `BadParamException` in fastcdr, which in turn crashes fastdds. Versions 2.11.0, 2.10.2, 2.9.2, and 2.6.5 contain a patch for this issue.

Action-Not Available
Vendor-eprosimaeProsimaDebian GNU/Linux
Product-fast_ddsdebian_linuxFast-DDS
CWE ID-CWE-248
Uncaught Exception
CVE-2026-42268
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.2||HIGH
EPSS-0.40% / 31.86%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 21:40
Updated-14 May, 2026 | 14:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ModSecurity: Unsigned integer underflow in @verifySSN / @verifyCPF / @verifySVNR operators

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. From 3.0.0 to before 3.0.15, there is an unhandled exception (std::out_of_range) caused by unsigned integer underflow in libmodsecurity3 if the user (administrator) uses a rule any of @verifySSN, @verifyCPF, or @verifySVNR. This vulnerability is fixed in 3.0.15.

Action-Not Available
Vendor-owaspowasp-modsecurity
Product-modsecurityModSecurity
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CWE ID-CWE-248
Uncaught Exception
CVE-2020-5129
Matching Score-4
Assigner-SonicWall, Inc.
ShareView Details
Matching Score-4
Assigner-SonicWall, Inc.
CVSS Score-7.5||HIGH
EPSS-1.30% / 67.22%
||
7 Day CHG~0.00%
Published-26 Mar, 2020 | 03:35
Updated-04 Aug, 2024 | 08:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the SonicWall SMA1000 HTTP Extraweb server allows an unauthenticated remote attacker to cause HTTP server crash which leads to Denial of Service. This vulnerability affected SMA1000 Version 12.1.0-06411 and earlier.

Action-Not Available
Vendor-SonicWall Inc.
Product-sma1000sma1000_firmwareSMA1000
CWE ID-CWE-248
Uncaught Exception
CWE ID-CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVE-2026-42544
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.32% / 24.52%
||
7 Day CHG~0.00%
Published-12 May, 2026 | 21:46
Updated-18 May, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Granian: Unauthenticated DoS via WebSocket subprotocol header panic

Granian is a Rust HTTP server for Python applications. From 1.2.0 to 2.7.4, Granian aborts a worker process when an unauthenticated client sends a WebSocket upgrade request whose Sec-WebSocket-Protocol header contains non-ASCII bytes. The crash happens in Granian's WebSocket scope construction path, before the ASGI application is invoked. This vulnerability is fixed in 2.7.4.

Action-Not Available
Vendor-emmett-framework
Product-granian
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-248
Uncaught Exception
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-38504
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.76% / 51.15%
||
7 Day CHG~0.00%
Published-27 Jul, 2023 | 18:12
Updated-03 Oct, 2024 | 18:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Sails DoS vulnerability for apps with sockets enabled

Sails is a realtime MVC Framework for Node.js. In Sails apps prior to version 1.5.7,, an attacker can send a virtual request that will cause the node process to crash. This behavior was fixed in Sails v1.5.7. As a workaround, disable the sockets hook and remove the `sails.io.js` client.

Action-Not Available
Vendor-sailsjsbalderdashysailsjs
Product-sailssailssails
CWE ID-CWE-248
Uncaught Exception
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found