Monthly
Denial of service in NVIDIA Triton Inference Server on Linux allows remote unauthenticated attackers to crash the service by triggering an uncaught exception (CWE-248), taking the model-serving endpoint offline. The flaw carries CVSS 7.5 with a pure availability impact (C:N/I:N/A:H) and no public exploit identified at time of analysis; it was reported by NVIDIA itself. No confidentiality or integrity compromise is involved — the sole consequence is loss of inference availability.
Denial of service in Microsoft Windows Server Update Services (WSUS) lets a remote, unauthenticated attacker crash or disrupt the update service by triggering an uncaught exception over the network. The flaw affects WSUS across Windows Server 2012 through 2025 (plus Windows 10 1607/1809 servicing components), and the CVSS 3.1 availability-only vector (A:H) indicates service unavailability rather than data compromise. No public exploit identified at time of analysis, but a vendor patch is available and the flaw is network-reachable without authentication.
Process crash via uncaught C++ exception in NanaZip's .NET single-file bundle handler affects all versions prior to 6.5.1749.0 on Windows. The extraction buffer is sized from the bundle entry's Size field, which is validated only for sign - not against the actual file content - allowing a crafted archive to trigger an attacker-controlled allocation whose resulting std::bad_alloc or std::length_error propagates across the COM STDMETHODCALLTYPE ABI boundary and terminates the NanaZip process. Impact is limited to denial of service; no public exploit has been identified at time of analysis, and the vendor has released a fix in version 6.5.1749.0.
Panic-triggering denial of service in the Excelize Go library (all versions prior to 2.11.0) allows any actor who can supply a crafted XLSX file to crash the consuming application. The root cause is an integer bounds check that validates only the upper bound of shared-string indices, permitting a cell value of -1 to reach a slice-index operation as a negative integer and cause a Go runtime panic in `GetCellValue` or `GetRows`. No active exploitation has been identified at time of analysis, but the attack is trivially constructable and requires no privileges if the target application exposes XLSX processing to untrusted input.
Denial of service in OpenTelemetry JavaScript (@opentelemetry/propagator-jaeger) before 2.9.0 allows an unauthenticated remote attacker to crash a Node.js service by sending a malformed percent-encoded uber-trace-id or uberctx-* HTTP header. The JaegerPropagator passes header values to decodeURIComponent() without catching the resulting URIError, so the uncaught exception terminates the process. No public exploit identified at time of analysis, and this is not listed in CISA KEV; the fix is version 2.9.0.
Process termination via crafted tar archive affects node-tar prior to 7.5.17, where NUL bytes in PAX path and linkpath header records are not sanitized before being passed to Node.js filesystem calls. Any application using node-tar to extract untrusted archives is susceptible to denial of service through an uncaught exception that crashes the Node.js process. No confirmed active exploitation or public exploit code has been identified at time of analysis; however, the low attack complexity (CVSS AC:L, PR:N) makes this trivial to trigger wherever attacker-controlled archive input reaches a vulnerable node-tar instance.
Denial of service in RaTeX, a Rust LaTeX-rendering library (crate ratex-parser), lets remote attackers crash any service that parses untrusted LaTeX by submitting a 9-byte `\verb` command whose delimiter is a multibyte UTF-8 character (e.g. `\verbéxé`). The parser slices the verbatim argument using byte indices rather than character boundaries, so index 1 lands inside the `é` character and Rust panics; because the release profile sets `panic = "abort"`, the panic terminates the entire process, not just one request. Publicly available exploit code exists (a one-line PoC in the GHSA advisory); no active exploitation is reported.
Uncaught Exception in the Gallagher Controller 6000 and Controller 7000 diagnostic web interface allows an authenticated and authorized operator to force a controller restart by sending specific crafted requests, causing a temporary denial of service. Affected versions span Gallagher Command Centre 9.20 through 9.50 (pre-patch) and all versions of 9.10 and earlier. No public exploit code exists and no active exploitation has been identified; the high privilege requirement substantially limits real-world attack surface to insider or compromised-operator scenarios.
Gallagher Command Centre's T20 Readers component crashes and restarts when an authenticated, high-privilege operator sends specific crafted requests, causing a temporary denial of service. Exploitation requires existing operator-level credentials and authorization - this cannot be triggered by unauthenticated or low-privilege users. The vulnerability carries a CVSS 2.7 (Low) score with no public exploit code and no CISA KEV listing, indicating minimal real-world threat beyond insider misuse or compromised operator accounts.
Remote denial-of-service in NATS Server (nats-server) affects deployments with the WebSocket listener enabled but MQTT disabled; per the GHSA-p957-7v2w-g93g advisory and the fixing commit, an unauthenticated attacker can send an MQTT-over-WebSocket upgrade request to the WebSocket endpoint while MQTT is turned off, triggering an uncaught exception (CWE-248) that crashes the server (CVSS 7.5, availability-only impact). This is a Linux Foundation CNCF messaging component fixed in nats-server 2.12.12 and 2.14.3. No public exploit identified at time of analysis; not listed in CISA KEV, and EPSS is low at 0.53% (41st percentile), consistent with the SSVC assessment of exploitation 'none' and only partial technical impact.
Denial of service in NVIDIA Triton Inference Server on Linux allows remote unauthenticated attackers to crash the service by triggering an uncaught exception (CWE-248), taking the model-serving endpoint offline. The flaw carries CVSS 7.5 with a pure availability impact (C:N/I:N/A:H) and no public exploit identified at time of analysis; it was reported by NVIDIA itself. No confidentiality or integrity compromise is involved — the sole consequence is loss of inference availability.
Denial of service in Microsoft Windows Server Update Services (WSUS) lets a remote, unauthenticated attacker crash or disrupt the update service by triggering an uncaught exception over the network. The flaw affects WSUS across Windows Server 2012 through 2025 (plus Windows 10 1607/1809 servicing components), and the CVSS 3.1 availability-only vector (A:H) indicates service unavailability rather than data compromise. No public exploit identified at time of analysis, but a vendor patch is available and the flaw is network-reachable without authentication.
Process crash via uncaught C++ exception in NanaZip's .NET single-file bundle handler affects all versions prior to 6.5.1749.0 on Windows. The extraction buffer is sized from the bundle entry's Size field, which is validated only for sign - not against the actual file content - allowing a crafted archive to trigger an attacker-controlled allocation whose resulting std::bad_alloc or std::length_error propagates across the COM STDMETHODCALLTYPE ABI boundary and terminates the NanaZip process. Impact is limited to denial of service; no public exploit has been identified at time of analysis, and the vendor has released a fix in version 6.5.1749.0.
Panic-triggering denial of service in the Excelize Go library (all versions prior to 2.11.0) allows any actor who can supply a crafted XLSX file to crash the consuming application. The root cause is an integer bounds check that validates only the upper bound of shared-string indices, permitting a cell value of -1 to reach a slice-index operation as a negative integer and cause a Go runtime panic in `GetCellValue` or `GetRows`. No active exploitation has been identified at time of analysis, but the attack is trivially constructable and requires no privileges if the target application exposes XLSX processing to untrusted input.
Denial of service in OpenTelemetry JavaScript (@opentelemetry/propagator-jaeger) before 2.9.0 allows an unauthenticated remote attacker to crash a Node.js service by sending a malformed percent-encoded uber-trace-id or uberctx-* HTTP header. The JaegerPropagator passes header values to decodeURIComponent() without catching the resulting URIError, so the uncaught exception terminates the process. No public exploit identified at time of analysis, and this is not listed in CISA KEV; the fix is version 2.9.0.
Process termination via crafted tar archive affects node-tar prior to 7.5.17, where NUL bytes in PAX path and linkpath header records are not sanitized before being passed to Node.js filesystem calls. Any application using node-tar to extract untrusted archives is susceptible to denial of service through an uncaught exception that crashes the Node.js process. No confirmed active exploitation or public exploit code has been identified at time of analysis; however, the low attack complexity (CVSS AC:L, PR:N) makes this trivial to trigger wherever attacker-controlled archive input reaches a vulnerable node-tar instance.
Denial of service in RaTeX, a Rust LaTeX-rendering library (crate ratex-parser), lets remote attackers crash any service that parses untrusted LaTeX by submitting a 9-byte `\verb` command whose delimiter is a multibyte UTF-8 character (e.g. `\verbéxé`). The parser slices the verbatim argument using byte indices rather than character boundaries, so index 1 lands inside the `é` character and Rust panics; because the release profile sets `panic = "abort"`, the panic terminates the entire process, not just one request. Publicly available exploit code exists (a one-line PoC in the GHSA advisory); no active exploitation is reported.
Uncaught Exception in the Gallagher Controller 6000 and Controller 7000 diagnostic web interface allows an authenticated and authorized operator to force a controller restart by sending specific crafted requests, causing a temporary denial of service. Affected versions span Gallagher Command Centre 9.20 through 9.50 (pre-patch) and all versions of 9.10 and earlier. No public exploit code exists and no active exploitation has been identified; the high privilege requirement substantially limits real-world attack surface to insider or compromised-operator scenarios.
Gallagher Command Centre's T20 Readers component crashes and restarts when an authenticated, high-privilege operator sends specific crafted requests, causing a temporary denial of service. Exploitation requires existing operator-level credentials and authorization - this cannot be triggered by unauthenticated or low-privilege users. The vulnerability carries a CVSS 2.7 (Low) score with no public exploit code and no CISA KEV listing, indicating minimal real-world threat beyond insider misuse or compromised operator accounts.
Remote denial-of-service in NATS Server (nats-server) affects deployments with the WebSocket listener enabled but MQTT disabled; per the GHSA-p957-7v2w-g93g advisory and the fixing commit, an unauthenticated attacker can send an MQTT-over-WebSocket upgrade request to the WebSocket endpoint while MQTT is turned off, triggering an uncaught exception (CWE-248) that crashes the server (CVSS 7.5, availability-only impact). This is a Linux Foundation CNCF messaging component fixed in nats-server 2.12.12 and 2.14.3. No public exploit identified at time of analysis; not listed in CISA KEV, and EPSS is low at 0.53% (41st percentile), consistent with the SSVC assessment of exploitation 'none' and only partial technical impact.