Skip to main content

Denial Of Service

36505 CVEs technique

Monthly

CVE-2026-53674 HIGH This Week

Regex injection in BuddyPress 14.4.0's activity mention resolver allows authenticated WordPress users to manipulate a REGEXP clause against the users table when username compatibility mode is enabled, enabling boolean-based username inference and denial of service via catastrophic backtracking. CVSS 4.0 scores this 7.1 with low confidentiality impact and high availability impact, reflecting the dual data-leakage and DoS outcomes. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Denial Of Service Nosql Injection
NVD VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-41726 Maven MEDIUM PATCH This Month

Unbounded heap growth in Spring for Apache Kafka's DelegatingDeserializer allows an authenticated network producer to trigger a Denial of Service against any consumer application that opts into this deserializer. By flooding the consumer with Kafka records carrying unique, randomized spring.kafka.serialization.selector header values, an attacker forces unbounded cache growth on the consumer's JVM heap, ultimately inducing GC thrash and OutOfMemoryError. No public exploit identified at time of analysis, and this is not listed in the CISA KEV catalog, but the low-complexity, network-accessible attack surface warrants prompt remediation for affected deployments.

Denial Of Service Apache Java Spring For Apache Kafka
NVD HeroDevs VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-41721 MEDIUM PATCH This Month

Uncontrolled resource consumption in Spring Data Commons exposes applications to a remote Denial of Service condition when two specific features are active simultaneously. An unauthenticated remote attacker can send a specially crafted HTTP request to any endpoint backed by a @ProjectedPayload-annotated controller method, triggering unbounded memory allocation that exhausts the JVM heap and crashes the application. The vulnerability spans eight major release lines (2.7.x through 4.0.x), making the potential blast radius broad across Spring-based Java backends. No public exploit code or CISA KEV listing has been identified at time of analysis, and the CVSS attack complexity rating of High reflects non-trivial preconditions that meaningfully limit opportunistic exploitation.

Denial Of Service Java Spring Data Commons
NVD HeroDevs
CVSS 3.1
5.9
EPSS
0.2%
CVE-2026-41716 HIGH PATCH This Week

Denial-of-service in Spring Data Commons (versions 2.7.0-4.0.5) allows remote unauthenticated attackers to exhaust JVM heap memory by repeatedly submitting unique property-name strings that are permanently retained in an internal property-lookup cache. The flaw maps to CWE-770 (Allocation of Resources Without Limits or Throttling) and carries a CVSS 7.5 (AV:N/AC:L/PR:N/UI:N) reflecting purely availability impact. No public exploit identified at time of analysis and the issue is not currently listed in CISA KEV.

Denial Of Service Java Spring Data Commons
NVD HeroDevs
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-41711 MEDIUM PATCH This Month

Denial of Service in Spring Data Commons affects applications that parse Sort parameters, triggering a StackOverflowException via crafted input. All major supported and legacy branches from 2.7.x through 4.0.x are affected, making the blast radius exceptionally broad across the Spring ecosystem. CVSS rates this Medium (5.9) with a high attack complexity qualifier (AC:H), unauthenticated network access (PR:N), and full availability impact (A:H); no active exploitation is confirmed and no public exploit code has been identified at time of analysis.

Denial Of Service Java Spring Data Commons
NVD HeroDevs VulDB
CVSS 3.1
5.9
EPSS
0.1%
CVE-2026-41695 HIGH This Week

Denial of service in Spring Data Commons 3.4.x, 3.5.x, and 4.0.x allows remote unauthenticated attackers to exhaust server resources by supplying crafted property path strings that the MappingContext resolves inefficiently. The flaw is reachable wherever applications expose property path parsing to untrusted input, and with CVSS 7.5 (AV:N/AC:L/PR:N/UI:N) it is trivially triggerable, though no public exploit identified at time of analysis and the issue is not on the CISA KEV list.

Denial Of Service Java Spring Data Commons
NVD VulDB HeroDevs
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-40988 HIGH PATCH This Week

Denial of service in Spring Security's SAML 2.0 service provider module allows remote unauthenticated attackers to exhaust application memory by submitting a maliciously compressed SAML payload over the REDIRECT binding. The flaw stems from an unbounded inflater that decompresses attacker-controlled data without size limits, enabling a classic decompression-bomb attack against any Spring application using SAML Login or Logout. No public exploit identified at time of analysis, but the network-reachable, no-authentication CVSS profile (7.5 High) makes this a near-term patching priority for SAML-enabled deployments.

Denial Of Service Java Spring Security
NVD VulDB HeroDevs
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-9740 HIGH PATCH This Week

Remote unauthenticated denial-of-service in MongoDB Server's BSON validation layer allows attackers to crash the mongod process by sending a crafted message containing nested binary structures that trigger uncontrolled mutual recursion. The CVSS 4.0 score of 8.7 reflects high availability impact with network attack vector and no authentication required. No public exploit identified at time of analysis, but the low-complexity, no-auth profile makes this a priority patch for internet-reachable MongoDB deployments.

Denial Of Service Mongodb Server
NVD VulDB
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-9753 HIGH PATCH This Week

Memory disclosure and denial-of-service in MongoDB Server allows any authenticated user with aggregate command privileges to crash the database or read out-of-bounds memory by submitting a malformed binary diff through the $_internalApplyOplogUpdate aggregation pipeline stage. The flaw stems from inadequate validation of the binary diff document structure consumed by an internal oplog replay operator that is unexpectedly reachable from user-facing aggregation queries. No public exploit identified at time of analysis, but the low privilege bar and network attack vector make this a meaningful threat in multi-tenant or shared-credential MongoDB deployments.

Denial Of Service Mongodb Server
NVD
CVSS 4.0
7.2
EPSS
0.1%
CVE-2026-9752 HIGH PATCH This Week

Denial of service in MongoDB Server allows an authenticated user to crash the database process by issuing a geospatial query backed by a 2dsphere index where the indexed field holds a GeoJSON GeometryCollection containing a Polygon defined with a strict-winding CRS. The flaw is a CWE-476 null pointer dereference reached because the rejection guard for unsupported strict-winding polygons does not recurse into GeometryCollection members. No public exploit identified at time of analysis and the issue is not on the CISA KEV list.

Denial Of Service Null Pointer Dereference Mongodb Server
NVD
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-9750 HIGH PATCH This Week

MongoDB Server exposes an availability and data integrity risk allowing any low-privileged authenticated user to crash the mongod process or obtain incorrect query results by inserting specially crafted documents. The root cause - insufficient separation between user-controlled document fields and internal execution metadata (CWE-617: Reachable Assertion) - means the attack surface is the normal document write workflow, requiring no elevated roles. CVSS 6.5 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) is consistent with this profile: network-reachable, low complexity, low-privilege; no public exploit or CISA KEV listing has been identified at time of analysis.

Denial Of Service Mongodb Server
NVD
CVSS 4.0
7.1
EPSS
0.1%
CVE-2026-9748 HIGH PATCH This Week

Remote denial-of-service in MongoDB Server allows an authenticated user to crash the mongod process by submitting an aggregation pipeline that places the $_internalConvertBucketIndexStats stage upstream of a $facet stage. The misuse of the internal PauseExecution signal trips a hard invariant assertion in TeeBuffer, terminating the database process. No public exploit identified at time of analysis, and the issue is tracked in MongoDB's internal tracker SERVER-123951.

Denial Of Service Mongodb Server
NVD
CVSS 4.0
7.1
EPSS
0.1%
CVE-2026-9747 HIGH PATCH This Week

Denial of service in MongoDB Server allows authenticated remote attackers to crash the database process by submitting aggregation pipelines that combine the internal fromRouter:true flag with runtimeConstants.userRoles. No public exploit identified at time of analysis, but the bug is tracked in MongoDB's public JIRA (SERVER-123918), which makes the trigger conditions discoverable. Impact is limited to availability (VA:H) with no data exposure or integrity compromise.

Denial Of Service Mongodb Server
NVD
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-9746 HIGH PATCH This Week

Denial of service in MongoDB Server occurs when an authenticated user issues a $changeStreams aggregation combined with the internal $_requestReshardingResumeToken option and the exchange option, triggering a reachable invariant that crashes the mongod process. Any logged-in user with low privileges can repeatedly invoke the crash on default deployments, producing service-wide downtime. No public exploit identified at time of analysis and the issue is not listed in CISA KEV, but the bug is vendor-confirmed via MongoDB Jira SERVER-124190.

Denial Of Service Microsoft Mongodb Server
NVD
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-9743 HIGH PATCH This Week

Denial of service in MongoDB Server 8.0 allows authenticated users with aggregation pipeline privileges to crash the server process by issuing a specially crafted aggregation followed by a getMore command on the same cursor, triggering a null pointer dereference in the aggregation stage's _subPipeline field. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV, but the low attack complexity and minimal privilege requirement make it a credible availability threat for multi-tenant or shared MongoDB deployments.

Denial Of Service Null Pointer Dereference Mongodb Server
NVD
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-9742 HIGH PATCH This Week

Pre-authentication denial-of-service in MongoDB Server allows unauthenticated remote clients to crash the database process by submitting a crafted 'mechanism' value to the 'authenticate' command when OIDC authentication is configured. The flaw carries a CVSS 4.0 base score of 8.2 driven by network reachability, no privileges required, and high availability impact; no public exploit identified at time of analysis and it is not listed in CISA KEV.

Denial Of Service Mongodb Server
NVD VulDB
CVSS 4.0
8.2
EPSS
0.1%
CVE-2026-34711 HIGH This Week

Denial-of-service in Adobe CAI Content Credentials (c2pa-web 0.7.1 and c2pa 0.80.1 and earlier) allows remote unauthenticated attackers to crash the application by triggering an integer overflow during C2PA content processing. With a CVSS of 7.5 (AV:N/AC:L/PR:N/UI:N) and no public exploit identified at time of analysis, the bug carries pure availability impact - no data exposure or code execution - but is trivially reachable by anyone who can feed input to the library.

Denial Of Service Integer Overflow Cai Content Credentials
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-34712 HIGH This Week

Denial-of-service in Adobe's CAI Content Credentials SDK (c2pa-web 0.7.1 and c2pa 0.80.1 and earlier) allows remote unauthenticated attackers to crash the application by submitting malformed input that bypasses validation. The flaw carries a CVSS 7.5 rating driven entirely by availability impact, with no confidentiality or integrity consequences. There is no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.

Denial Of Service Cai Content Credentials
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-47904 MEDIUM This Month

Uncontrolled resource consumption in Adobe CAI Content Credentials (c2pa-web@0.7.1 and c2pa-v0.80.1 and earlier) allows a local attacker without privileges to exhaust system resources, resulting in a denial-of-service condition. The vulnerability requires no user interaction, meaning it can be triggered programmatically by any process with local access to a system running the affected SDK. No public exploit code or CISA KEV listing has been identified at time of analysis.

Denial Of Service Cai Content Credentials
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-47903 MEDIUM This Month

Improper input validation in Adobe's CAI Content Credentials SDK (c2pa-web@0.7.1 and c2pa-v0.80.1 and earlier) permits a local attacker to crash the consuming application by supplying malformed input, resulting in a denial-of-service condition. No user interaction is required once the attacker can deliver crafted input to the locally running process. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog; however, the crash-based impact and low attack complexity make it straightforward to trigger.

Denial Of Service Cai Content Credentials
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-47902 MEDIUM This Month

Uncontrolled resource consumption in Adobe CAI Content Credentials SDK (c2pa-web@0.7.1 and c2pa-v0.80.1 and earlier) allows a local, unprivileged attacker to exhaust system resources and trigger an application-level denial-of-service condition. The CVSS vector confirms local attack vector with no privileges required and no user interaction, meaning any local process or user context capable of invoking the SDK can trigger the condition. No public exploit code or CISA KEV listing has been identified at time of analysis, and the availability impact is rated High with no confidentiality or integrity exposure.

Denial Of Service Cai Content Credentials
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-47905 MEDIUM This Month

Uncontrolled resource consumption in Adobe's CAI Content Credentials SDK (c2pa-web@0.7.1 and c2pa-v0.80.1 and earlier) allows a local, unprivileged attacker to exhaust system resources and crash the hosting application. The CVSS vector confirms local access is required, limiting exposure primarily to environments where untrusted users share process space with SDK-consuming applications, such as multi-tenant systems or services that process attacker-supplied C2PA credential data from disk or local input. No public exploit has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.

Denial Of Service Cai Content Credentials
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-34713 HIGH This Week

Denial-of-service in Adobe CAI Content Credentials (c2pa-web 0.7.1 and c2pa 0.80.1 and earlier) allows remote unauthenticated attackers to exhaust system resources and crash the application by triggering uncontrolled resource consumption during C2PA content processing. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV, but the CVSS 7.5 score reflects easy network-based exploitation with no user interaction required. Affected deployments are those embedding Adobe's Content Authenticity SDK for verifying or generating C2PA provenance manifests on web-facing services.

Denial Of Service Cai Content Credentials
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-47916 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader (versions 24.001.30365, 26.001.21651, and earlier) occurs when a victim opens a maliciously crafted PDF, triggering a use-after-free memory corruption that lets the attacker run code with the privileges of the logged-on user. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; however, Acrobat Reader is a perennial target for phishing-delivered malware, making patching a near-term priority. Adobe has issued APSB26-63 with fixed builds.

Memory Corruption RCE Use After Free Denial Of Service Adobe +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47918 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader (versions 24.001.30365, 26.001.21651, and earlier) is triggered when a user opens a malicious PDF, exploiting a Use-After-Free memory corruption flaw to run code as the current user. No public exploit identified at time of analysis, and EPSS data was not provided, but the high CVSS of 7.8 combined with Reader's massive install base makes this a routine patch priority. Vendor (Adobe) issued advisory APSB26-63 with corrective updates.

Memory Corruption RCE Use After Free Denial Of Service Adobe +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47915 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier results from a use-after-free memory corruption bug (CWE-416) triggered when a victim opens a malicious PDF. Code runs in the security context of the current user, making this a credible client-side initial-access vector via phishing or drive-by document delivery. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Memory Corruption RCE Use After Free Denial Of Service Adobe +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47917 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader (versions 24.001.30365, 26.001.21651 and earlier) is possible when a victim opens a maliciously crafted PDF, triggering a use-after-free memory corruption flaw. Code runs with the privileges of the current user, and no public exploit identified at time of analysis, though Adobe has released APSB26-63 as the corresponding advisory.

Memory Corruption RCE Use After Free Denial Of Service Adobe +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47955 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier is possible when a victim opens a maliciously crafted file that triggers a use-after-free in the document parser. The flaw runs code in the context of the logged-in user and carries a CVSS 7.8 (High) score, but requires user interaction; no public exploit identified at time of analysis and EPSS data is not provided in the input.

Memory Corruption RCE Use After Free Denial Of Service Adobe +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47924 MEDIUM This Month

Use After Free memory disclosure in Adobe Acrobat Reader versions 24.001.30365 and 26.001.21651 (and earlier) exposes sensitive process memory contents when a victim opens a specially crafted malicious file. The CVSS vector (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) confirms the attack is local, requires no privileges, but mandates user interaction - the victim must manually open the attacker-supplied document. Impact is limited to confidentiality (C:H), with no integrity or availability consequence. No public exploit identified at time of analysis, and the vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog.

Denial Of Service Adobe Use After Free Memory Corruption Acrobat Reader
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-47919 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader (versions 24.001.30365, 26.001.21651, and earlier) is possible when a victim opens a maliciously crafted document, triggering a use-after-free condition in the renderer. The flaw runs code in the context of the current user and has no public exploit identified at time of analysis, though Adobe issued advisory APSB26-63 confirming the vulnerability class and affected versions.

Memory Corruption RCE Use After Free Denial Of Service Adobe +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47921 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier occurs through a use-after-free flaw triggered when a victim opens a maliciously crafted PDF document. Code executes in the context of the current user, making this a classic client-side document exploit vector. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.

Memory Corruption RCE Use After Free Denial Of Service Adobe +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47920 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader (versions 24.001.30365, 26.001.21651 and earlier) is possible when a victim opens a maliciously crafted PDF that triggers a use-after-free condition in the parser. Exploitation runs at the privilege of the user opening the file, and no public exploit identified at time of analysis. CVSS 7.8 reflects the local attack vector and required user interaction, but Reader's massive install base makes this a high-value target for phishing-driven campaigns.

Memory Corruption RCE Use After Free Denial Of Service Adobe +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47913 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier stems from a Use After Free condition (CWE-416) that triggers when a victim opens a malicious PDF, yielding execution in the context of the current user. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV, but the file-opening attack pattern is a perennial favorite in phishing and document-borne campaigns targeting Acrobat. Adobe has shipped fixed builds under advisory APSB26-63.

Memory Corruption RCE Use After Free Denial Of Service Adobe
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47914 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier occurs through a use-after-free condition triggered by opening a malicious PDF document. Successful exploitation runs code in the context of the current user, but no public exploit identified at time of analysis and the issue requires user interaction to open the crafted file.

Memory Corruption RCE Use After Free Denial Of Service Adobe
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-47925 MEDIUM This Month

Integer overflow in Adobe Acrobat Reader triggers an application crash when processing a specially crafted file, resulting in a denial-of-service condition. Versions 24.001.30365 and 26.001.21651 and earlier are confirmed affected per Adobe advisory APSB26-63. Impact is limited to availability - no confidentiality or integrity compromise is possible - and no public exploit or active exploitation has been identified at time of analysis.

Denial Of Service Adobe Integer Overflow Acrobat Reader
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-47912 HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader 24.001.30365, 26.001.21651, and earlier versions occurs through a use-after-free condition triggered when a victim opens a malicious PDF file. Successful exploitation runs attacker-supplied code with the privileges of the current user, making this a viable phishing and drive-by document attack vector. No public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.

Memory Corruption RCE Use After Free Denial Of Service Adobe
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-71319 npm HIGH PATCH GHSA This Week

Denial of service in the npm image-size library (versions 1.1.0-1.2.0 and 2.0.0-2.0.1) lets remote unauthenticated attackers hang any application that parses untrusted JXL, HEIF, or JP2 images. By supplying a crafted file whose ISO-BMFF-style box declares a size of zero, the findBox routine never advances its offset and enters an infinite loop during validation. No public exploit identified at time of analysis, though the vendor advisory includes payload details that make weaponization straightforward.

Denial Of Service Image Size
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2026-47241 Ruby LOW PATCH GHSA Monitor

{0}` or `{0+}`, allowing a smuggled literal-continuation marker to reach the IMAP server and cause it to absorb the next client command - hanging the issuing thread and, in multi-threaded environments, also the thread that sent the follow-up command. Rated low severity by the maintainers; no public exploit identified at time of analysis, but any application passing untrusted input to the affected raw argument parameters is at risk.

Denial Of Service Command Injection
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.4%
CVE-2026-34704 MEDIUM This Month

NULL Pointer Dereference in Adobe InDesign Desktop versions 21.3 and 20.5.3 and earlier allows a local attacker to crash the application by delivering a crafted document file that a victim must open, resulting in a denial-of-service condition with no confidentiality or integrity impact. Exploitation is constrained by mandatory user interaction (UI:R) and a local attack vector (AV:L), significantly limiting real-world risk beyond targeted social-engineering scenarios involving design professionals. No public exploit code has been identified and CISA has not added this to the Known Exploited Vulnerabilities catalog.

Denial Of Service Null Pointer Dereference Indesign Desktop
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-34696 HIGH This Week

Arbitrary code execution in Adobe InDesign Desktop 21.3, 20.5.3 and earlier stems from a use-after-free condition triggered when a user opens a maliciously crafted document, allowing an attacker to run code with the privileges of the logged-in user. The flaw is reported by Adobe with a CVSS 3.1 base score of 7.8 and tagged for RCE, denial of service, and memory corruption, but there is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Denial Of Service Use After Free Memory Corruption RCE Indesign Desktop
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-34703 MEDIUM This Month

NULL Pointer Dereference in Adobe InDesign Desktop versions 21.3, 20.5.3 and earlier enables a denial-of-service condition by crashing the application when a victim opens a specially crafted malicious file. The vulnerability carries no confidentiality or integrity impact - availability is the sole affected component. No public exploit code has been identified at time of analysis, and this CVE is not listed in the CISA KEV catalog, limiting its urgency relative to higher-severity Adobe vulnerabilities.

Denial Of Service Null Pointer Dereference Indesign Desktop
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-28237 MEDIUM This Month

Unrestricted resource allocation in AMD µProf allows a local low-privileged user to consume excessive system resources, resulting in a loss of availability (denial of service). The CVSS 4.0 score of 6.8 reflects a locally exploitable, low-complexity attack requiring only low privileges with no user interaction needed. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog at time of analysis; however, the straightforward nature of resource exhaustion attacks makes it a realistic local threat on systems where AMD µProf is deployed.

Denial Of Service Amd Amd Prof
NVD VulDB
CVSS 4.0
6.8
EPSS
0.0%
CVE-2026-0466 MEDIUM This Month

Improper access control in AMD µProf exposes a kernel-shared memory section to low-privileged local users, enabling writes that can crash the system or cause a denial of service. All AMD µProf versions prior to 5.3 are affected across supported platforms. No public exploit code has been identified and this CVE is not listed in CISA KEV, but the CVSS 4.0 vector (AV:L/AC:L/AT:N/PR:L/UI:N) indicates straightforward local exploitation requiring only basic user privileges with no additional complexity or user interaction.

Denial Of Service Amd Amd Prof
NVD VulDB
CVSS 4.0
6.8
EPSS
0.0%
CVE-2026-49160 HIGH POC PATCH Exploit Likely This Week

Remote denial-of-service in Microsoft's HTTP/2 implementation allows unauthenticated network attackers to exhaust server resources and disrupt service availability. The flaw (CWE-400, uncontrolled resource consumption) was reported by Microsoft's MSRC and carries a CVSS 7.5 score driven entirely by availability impact, with no public exploit identified at time of analysis.

Denial Of Service
NVD VulDB GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2026-48583 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Windows Kernel allows an authenticated low-privileged user to elevate to SYSTEM by triggering a use-after-free condition (CWE-416). The flaw carries a CVSS 7.8 score with local attack vector and low privileges required, and no public exploit has been identified at time of analysis. Microsoft Security Response Center (MSRC) is the sole referenced authoritative source, indicating this is a vendor-discovered and vendor-tracked issue.

Microsoft Use After Free Memory Corruption Denial Of Service
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-47293 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Office Click-To-Run stems from a use-after-free condition (CWE-416) that lets an authorized low-privilege user elevate to higher privileges on the host. The flaw, reported by Microsoft's MSRC, carries a CVSS 7.0 (AV:L/AC:H/PR:L) reflecting that exploitation requires local access, low privileges, and a successful race-window or memory-state condition. No public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.

Microsoft Use After Free Memory Corruption Denial Of Service 365 Apps +3
NVD VulDB
CVSS 3.1
7.0
EPSS
0.1%
CVE-2026-45657 CRITICAL PATCH NEWS Exploit Unlikely Act Now

Remote code execution in the Windows Kernel allows unauthenticated network attackers to execute arbitrary code by triggering a use-after-free condition (CWE-122 heap-related memory corruption). The flaw was reported by Microsoft (secure@microsoft.com) and carries a critical CVSS 9.8 with no public exploit identified at time of analysis. Tag metadata indicates the bug can also be leveraged for heap overflow and denial-of-service outcomes.

Denial Of Service Heap Overflow Microsoft Buffer Overflow
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-45653 HIGH PATCH This Week

Local privilege escalation in Microsoft Windows Kernel allows an authenticated low-privilege attacker to elevate to SYSTEM by triggering a use-after-free condition in kernel memory. The flaw carries a CVSS 7.0 rating with high attack complexity, and no public exploit identified at time of analysis. Exploitation requires a race condition or specific timing to be won, which constrains reliable weaponization but does not eliminate the risk on multi-user or shared Windows hosts.

Denial Of Service Heap Overflow Microsoft Buffer Overflow Windows 10 1607 +12
NVD VulDB
CVSS 3.1
7.0
EPSS
0.1%
CVE-2026-45640 HIGH PATCH Exploit Unlikely Act Now

Local privilege escalation in the Windows Bluetooth Port Driver allows an authorized low-privileged attacker to elevate to higher privileges by triggering a use-after-free condition in the kernel-mode driver. The flaw is reported by Microsoft Security Response Center and carries a CVSS 7.0 (high) rating with high attack complexity, and no public exploit identified at time of analysis. EPSS data and CISA KEV status were not provided in the input, so widespread exploitation is not confirmed.

Microsoft Use After Free Memory Corruption Denial Of Service
NVD VulDB
CVSS 3.1
7.0
EPSS
0.1%
CVE-2026-45638 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Ancillary Function Driver (AFD.sys) for WinSock allows an authenticated low-privileged user to gain SYSTEM-level access through a use-after-free condition. The flaw was reported by Microsoft (MSRC) and carries a CVSS 7.8 score with high impact across confidentiality, integrity, and availability. No public exploit identified at time of analysis, though the AFD.sys driver has a long history of similar bugs being weaponized post-disclosure.

Denial Of Service Heap Overflow Microsoft Buffer Overflow Windows 10 1607 +12
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-45637 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Windows Desktop Window Manager (DWM) Core Library enables an authorized low-privileged user to gain elevated privileges through a use-after-free memory corruption flaw. The vulnerability carries a CVSS 3.1 score of 7.8 with high impact on confidentiality, integrity, and availability, and no public exploit identified at time of analysis. Exploitation requires the attacker to already have local code execution as a standard user, making it a strong candidate for post-compromise chaining toward SYSTEM-level access.

Microsoft Use After Free Memory Corruption Denial Of Service
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-45635 HIGH PATCH Exploit Unlikely This Week

Remote code execution in the Microsoft Windows Universal Plug and Play stack (upnp.dll) allows unauthenticated network attackers to execute arbitrary code on affected hosts by triggering a memory-safety flaw in the UPnP service. The issue carries a CVSS 3.1 base score of 8.1 (AV:N/AC:H/PR:N/UI:N), reflecting network reachability without credentials but high attack complexity. At time of analysis there is no public exploit identified and the CVE is not listed in CISA KEV.

Denial Of Service Memory Corruption Windows 10 1607 Windows 10 1809 Windows 10 21h2 +10
NVD VulDB
CVSS 3.1
8.1
EPSS
0.4%
CVE-2026-45605 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Bluetooth Service stems from a use-after-free condition (CWE-416) that an authenticated low-privilege user can trigger to gain elevated rights on the host. The CVSS 7.8 vector (AV:L/AC:L/PR:L/UI:N) reflects a fully local attack with high impact across confidentiality, integrity, and availability, and no public exploit has been identified at time of analysis. The flaw was reported by Microsoft (secure@microsoft.com) and tracked in the MSRC update guide.

Microsoft Use After Free Memory Corruption Denial Of Service
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-45603 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Ancillary Function Driver for WinSock (afd.sys) allows an authenticated low-privileged user to elevate to SYSTEM by winning a race condition that triggers a use-after-free. The flaw is reported by Microsoft (MSRC) and carries CVSS 7.0 with high attack complexity, but no public exploit is identified at time of analysis and it is not listed in CISA KEV.

Denial Of Service Microsoft Race Condition Windows 10 1607 Windows 10 1809 +11
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-45601 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Ancillary Function Driver for WinSock (AFD.sys) allows an authenticated low-privileged attacker to win a race condition and gain SYSTEM-level execution. The flaw is a use-after-free triggered through concurrent WinSock operations, and at time of analysis no public exploit has been identified and the CVE is not on the CISA KEV list.

Denial Of Service Microsoft Race Condition Windows 10 1607 Windows 10 1809 +11
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-45599 HIGH PATCH Exploit Unlikely This Week

Remote code execution in the Windows Universal Plug and Play service (upnp.dll) allows unauthenticated network attackers to execute arbitrary code by triggering a use-after-free condition. The flaw carries a CVSS 3.1 base score of 8.1, lowered by high attack complexity (AC:H) reflecting the race-condition or memory-state requirements typical of UAF bugs. No public exploit identified at time of analysis, and the CVE is not currently listed in CISA KEV; EPSS data was not provided in the input.

Denial Of Service Use After Free Memory Corruption
NVD VulDB
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-45598 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Ancillary Function Driver for WinSock (afd.sys) allows an authenticated low-privileged user to win a race condition and trigger a use-after-free, enabling code execution at kernel level. No public exploit identified at time of analysis, but AFD.sys has a long history of being a preferred LPE target and Microsoft has marked the issue as important. EPSS data was not provided in the source feed.

Denial Of Service Microsoft Race Condition Windows 10 1607 Windows 10 1809 +11
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-45596 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Ancillary Function Driver for WinSock (afd.sys) allows an authenticated local user to gain SYSTEM-level rights by winning a race condition that leads to a use-after-free in kernel memory. The flaw affects Windows installations where afd.sys is loaded (effectively all desktop and server SKUs) and was reported by Microsoft Security Response Center; no public exploit identified at time of analysis and the vulnerability is not listed on the CISA KEV catalog.

Denial Of Service Microsoft Race Condition
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-45593 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Windows SDK enables an authenticated low-privileged attacker to elevate to higher privileges by exploiting a use-after-free memory corruption flaw. The CVSS 7.8 (AV:L/AC:L/PR:L) profile reflects local attack with low complexity and low privileges required, yielding full confidentiality, integrity, and availability impact. No public exploit identified at time of analysis and the vulnerability is not currently listed in CISA KEV.

Denial Of Service Microsoft Integer Overflow
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-45591 NuGet HIGH PATCH GHSA Exploit Unlikely This Week

Remote denial of service in ASP.NET Core enables unauthenticated network attackers to exhaust server resources and disrupt application availability. The CVSS 7.5 score reflects high availability impact with low attack complexity and no required privileges or user interaction, though no public exploit identified at time of analysis. Microsoft (secure@microsoft.com) is the reporting source via MSRC, indicating a vendor-coordinated disclosure.

Denial Of Service Asp Net Core Visual Studio 2026 Net
NVD VulDB GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2026-45476 HIGH PATCH NEWS Exploit Unlikely This Week

Local privilege escalation in the Linux MANA (Microsoft Azure Network Adapter) driver allows an authenticated attacker with high privileges on the host to escalate privileges across security boundaries by exploiting a use-after-free condition. The flaw was reported by Microsoft Security Response Center and carries a CVSS 3.1 score of 8.2 driven by scope change and high impact across confidentiality, integrity, and availability. No public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.

Denial Of Service Use After Free Memory Corruption Azure Network Adapter
NVD VulDB
CVSS 3.1
8.2
EPSS
0.1%
CVE-2026-44813 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Desktop Window Manager (DWM) Core Library enables an authenticated low-privilege attacker to gain elevated rights through a use-after-free memory corruption flaw. The issue carries a CVSS 7.8 (High) rating with total confidentiality, integrity, and availability impact, and no public exploit identified at time of analysis. CISA SSVC scoring marks exploitation as 'none' and not automatable, suggesting limited real-world activity despite the severe technical impact.

Microsoft Use After Free Memory Corruption Denial Of Service Windows 11 26h1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-44811 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Desktop Window Manager (DWM) Core Library allows an authenticated low-privileged user to elevate to higher privileges on the host by triggering a use-after-free condition. The flaw was reported by Microsoft (MSRC) and carries a CVSS 7.8 with no public exploit identified at time of analysis. EPSS data was not provided and the issue is not currently listed in CISA KEV.

Denial Of Service Microsoft Windows 11 26h1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-44809 HIGH PATCH This Week

Local privilege escalation in the Windows Common Log File System (CLFS) Driver allows an authenticated low-privileged attacker to elevate to SYSTEM via a use-after-free memory corruption flaw. The vulnerability carries a CVSS 7.8 rating with high impact across confidentiality, integrity, and availability, and no public exploit identified at time of analysis. CLFS has a long history of being targeted for kernel-level privilege escalation, making this class of bug a recurring concern for Windows defenders.

Microsoft Use After Free Memory Corruption Denial Of Service
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-44808 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Desktop Window Manager (DWM) Core Library stems from a use-after-free condition (CWE-122) that lets an authenticated low-privileged user gain elevated rights on affected Windows systems. The flaw was reported by Microsoft (secure@microsoft.com) and tracked via MSRC, with no public exploit identified at time of analysis and no CISA KEV listing. CVSS 7.8 reflects high impact on confidentiality, integrity, and availability once the attacker has local foothold.

Denial Of Service Heap Overflow Microsoft Buffer Overflow Windows 11 26h1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-44807 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Windows Desktop Window Manager (DWM) Core Library allows an authenticated low-privileged user to elevate to SYSTEM via a use-after-free memory corruption flaw. CVSS 7.8 with high impact to confidentiality, integrity, and availability, but currently no public exploit identified at time of analysis and CISA SSVC rates exploitation status as 'none' with automation as 'no'.

Microsoft Use After Free Memory Corruption Denial Of Service Windows 11 26h1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-44805 MEDIUM PATCH This Month

Use-after-free in the Windows Network Controller (NC) Host Agent enables a locally authenticated attacker to crash the service, resulting in a denial of service on affected Windows Server deployments. The vulnerability carries a CVSS score of 5.5 (Medium) with local attack vector and low-privilege requirements, limiting its blast radius to service availability - confidentiality and integrity are unaffected. No public exploit code exists and CISA KEV listing is absent at time of analysis, though a vendor patch from Microsoft is available and should be prioritized on Windows Server deployments leveraging Software Defined Networking.

Microsoft Use After Free Memory Corruption Denial Of Service
NVD VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2026-44804 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Desktop Window Manager (DWM) Core Library allows an authenticated low-privileged user to elevate to higher privileges by exploiting a use-after-free memory corruption flaw (CWE-416). The issue was reported by Microsoft's security team (secure@microsoft.com) and tracked via MSRC, with no public exploit identified at time of analysis. Successful exploitation yields full confidentiality, integrity, and availability impact on the local host.

Microsoft Use After Free Memory Corruption Denial Of Service Windows 11 26h1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-44802 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Desktop Window Manager (DWM) Core Library allows an authenticated low-privilege attacker to gain higher privileges through a use-after-free memory corruption flaw. The vulnerability carries a CVSS score of 7.8 with high impact across confidentiality, integrity, and availability, and no public exploit identified at time of analysis. Successful exploitation typically yields SYSTEM-level code execution on the affected Windows host.

Microsoft Use After Free Memory Corruption Denial Of Service Windows 10 1809 +9
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-42987 HIGH PATCH NEWS Exploit Unlikely This Week

Remote code execution in Microsoft Windows Deployment Services (WDS) allows unauthenticated network-based attackers to execute arbitrary code by exploiting a use-after-free memory corruption flaw (CWE-416). The CVSS 8.1 score reflects high impact on confidentiality, integrity, and availability, though exploit complexity is rated High. No public exploit identified at time of analysis, and SSVC marks exploitation status as none with the flaw classified as not automatable.

Microsoft Use After Free Memory Corruption Denial Of Service
NVD VulDB
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-42986 HIGH PATCH Exploit Likely This Week

Local privilege escalation in the Microsoft Graphics Component allows an authenticated low-privileged attacker to gain elevated rights via a use-after-free memory corruption flaw (CWE-416). The issue carries a CVSS 7.8 (High) rating with full confidentiality, integrity, and availability impact on the affected host. No public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.

Microsoft Denial Of Service Memory Corruption Use After Free Windows 10 1607 +12
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-42984 HIGH PATCH This Week

Local privilege escalation in Microsoft Windows Kernel allows an authorized low-privileged attacker to gain elevated (SYSTEM-level) privileges by triggering a use-after-free condition in kernel memory. The flaw carries a CVSS 7.0 (High) rating with high attack complexity, and Microsoft has released a patch via MSRC; no public exploit identified at time of analysis. Successful exploitation breaks the local Windows security boundary, enabling full host compromise from any authenticated session.

Microsoft Use After Free Memory Corruption Denial Of Service
NVD VulDB
CVSS 3.1
7.0
EPSS
0.1%
CVE-2026-42983 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Windows Desktop Window Manager (DWM) Core Library enables an authenticated low-privileged attacker to gain elevated privileges through a use-after-free memory corruption flaw. CVSS 7.8 reflects high impact on confidentiality, integrity, and availability but requires local access and existing user-level credentials. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.

Microsoft Use After Free Memory Corruption Denial Of Service
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-42914 MEDIUM PATCH Exploit Unlikely This Month

Windows Kerberos out-of-bounds read (CWE-125) allows a low-privilege network attacker to crash the Kerberos authentication service across all actively supported Windows client and server platforms, from Windows Server 2012 through Windows Server 2025 and Windows 11 26H1. The attack requires prior domain authentication and high-complexity triggering conditions (CVSS AC:H), limiting opportunistic mass exploitation, though a successful attack against a domain controller can deny authentication domain-wide by crashing the KDC. Vendor patches are available via the Microsoft MSRC advisory; no public exploit code exists and SSVC confirms no observed exploitation at time of analysis.

Denial Of Service Information Disclosure Microsoft Buffer Overflow Windows 10 1607 +12
NVD VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-42911 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Ancillary Function Driver for WinSock (afd.sys) allows an authenticated low-privileged user to elevate to SYSTEM via a use-after-free condition. The flaw affects Microsoft Windows installations using the standard WinSock kernel driver and has a vendor-released patch available through Microsoft's security update guide. No public exploit has been identified at time of analysis, though afd.sys has historically been a frequent target for elevation-of-privilege exploitation.

Microsoft Use After Free Memory Corruption Denial Of Service
NVD VulDB
CVSS 3.1
7.0
EPSS
0.1%
CVE-2026-42905 HIGH PATCH Exploit Likely This Week

Local privilege escalation in the Windows Desktop Window Manager (DWM) Core Library enables an authorized low-privilege user to elevate to higher privileges via a use-after-free condition. The flaw carries a CVSS 7.8 (High) and no public exploit identified at time of analysis, though Microsoft has acknowledged the issue through MSRC. Successful exploitation grants full confidentiality, integrity, and availability impact on the affected host.

Microsoft Use After Free Memory Corruption Denial Of Service
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-42903 MEDIUM PATCH This Month

Null pointer dereference in Windows Kerberos enables an authenticated network attacker to crash the Kerberos service, causing denial of service. The CVSS vector (AV:N/AC:L/PR:L/UI:N) confirms exploitation is achievable over the network by any low-privilege authenticated user with no user interaction required, resulting in high availability impact (A:H) with no confidentiality or integrity consequences. No active exploitation confirmed (not in CISA KEV), and no public exploit code has been identified at time of analysis.

Denial Of Service Null Pointer Dereference Microsoft
NVD VulDB
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-34335 HIGH PATCH Act Now

Local privilege escalation in the Windows Ancillary Function Driver for WinSock (AFD.sys) allows an authenticated low-privileged user to elevate to SYSTEM by triggering a use-after-free condition in the kernel-mode driver. No public exploit identified at time of analysis and the issue is not listed in CISA KEV, but AFD.sys has a long history of being targeted for kernel EoP, making this a likely candidate for future weaponization. CVSS 7.0 reflects the high attack complexity required to reliably win the underlying race or reuse condition.

Microsoft Use After Free Memory Corruption Denial Of Service
NVD VulDB
CVSS 3.1
7.0
EPSS
0.1%
CVE-2026-24180 HIGH This Week

Heap-based buffer overflow in NVIDIA DALI enables local authenticated attackers to achieve code execution, data tampering, denial of service, or information disclosure when a victim user interacts with attacker-supplied input. The flaw affects the Data Loading Library used in GPU-accelerated deep learning data pipelines and carries a CVSS 3.1 score of 7.3 (High). No public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Nvidia Heap Overflow RCE Information Disclosure Buffer Overflow +1
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-24181 HIGH This Week

Local code execution and data tampering in NVIDIA DALI (Data Loading Library) is possible when a low-privileged user is tricked into processing attacker-controlled input through a component that performs improper index validation (CWE-129). The CVSS 7.3 vector (AV:L/AC:L/PR:L/UI:R) indicates local access, low privileges, and user interaction are required, with high impact across confidentiality, integrity, and availability. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Denial Of Service Information Disclosure Nvidia RCE
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-49955 MEDIUM PATCH This Month

Resource exhaustion in Hermes WebUI before v0.51.270 allows unauthenticated remote attackers to degrade service availability by abusing the WebAuthn passkey options endpoint without rate limiting or challenge lifecycle enforcement. Repeated POST requests to the authentication endpoint cause the server-side challenge store file to grow without bound, generating sustained CPU load and disk I/O pressure through continuous JSON file rewrites. No public exploit identified at time of analysis and not listed in CISA KEV; EPSS data was not available in provided intelligence. The fix is confirmed in the vendor-released v0.51.270.

Denial Of Service Hermes Webui
NVD GitHub
CVSS 4.0
6.9
EPSS
0.1%
CVE-2026-49847 HIGH PATCH This Week

Denial of service in FreeSWITCH prior to version 1.11.1 allows remote unauthenticated attackers to crash the entire telephony process by sending a single WebSocket frame carrying a deeply nested JSON document. The recursive parsing exhausts the worker thread's stack and triggers SIGSEGV via the kernel stack guard page, terminating all active calls and sessions on the host. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV, but the trivial network-reachable trigger and availability-only impact make it a credible service-disruption risk for exposed VoIP infrastructure.

Denial Of Service Freeswitch
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-49842 HIGH PATCH This Week

Unauthenticated outbound bandwidth amplification in FreeSWITCH versions prior to 1.11.1 allows remote attackers to coerce the server into emitting roughly 20 GB of traffic per short request via the mod_verto WebSocket #SPU speed-test command. The pre-auth code path parses the requested payload size with atoi() and only rejects non-positive values, letting a peer ask for up to INT_MAX bytes and triggering a size*10 download. No public exploit is identified at time of analysis, but the high-severity CVSS (7.5, A:H) and trivial trigger make this a credible DDoS-as-a-service primitive.

Denial Of Service Freeswitch
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-49840 CRITICAL PATCH Act Now

Heap corruption in FreeSWITCH libesl prior to version 1.11.1 allows a malicious or man-in-the-middle Event Socket Library (ESL) peer to crash or corrupt the memory of any process linked against libesl by sending a frame containing a negative Content-Length header. The flaw is pre-authentication and reachable before the client completes authentication to the peer, and no public exploit identified at time of analysis despite a CVSS of 9.1.

Denial Of Service Freeswitch
NVD GitHub
CVSS 3.1
9.1
EPSS
0.1%
CVE-2026-49762 MEDIUM PATCH This Month

Denial of service in Elixir's standard library Version module (versions 1.5.0 through 1.20.0) allows any caller passing an attacker-controlled version string to exhaust CPU and memory or crash the calling BEAM process. The five public entry points - Version.parse/1, Version.parse!/1, Version.match?/3, Version.compare/2, and Version.parse_requirement/1 - pass numeric version components to :erlang.binary_to_integer/1 without length bounds, triggering super-linear arbitrary-precision integer conversion; a single ~1 MB all-digit component suffices. Applications routinely invoke these functions on untrusted input (HTTP parameters, package metadata), making the effective attack surface broader than the CVSS AV:L classification implies. No public exploit has been identified at time of analysis, and the vulnerability is not listed in CISA KEV.

Denial Of Service Suse Red Hat
NVD GitHub
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-11793 MEDIUM This Month

Stack buffer overflow in 389 Directory Server's pw.c checkPrefix() function allows a network-accessible Directory Manager to crash the LDAP server by storing a crafted credential with an oversized algorithm ID. The vulnerable code copies attacker-controlled input into a fixed 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. FORTIFY_SOURCE compiler hardening constrains impact to denial of service - preventing arbitrary code execution - but service disruption against a critical authentication infrastructure component remains operationally significant. No public exploit identified at time of analysis.

Denial Of Service Stack Overflow Buffer Overflow Red Hat Directory Server 11 Red Hat Directory Server 12 +6
NVD VulDB
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-11790 MEDIUM This Month

Uncontrolled CPU consumption in Red Hat 389 Directory Server's PBKDF2-SHA256 password storage plugin allows a highly privileged attacker who has write access to stored password hashes to craft a hash embedding an arbitrarily large iteration count, causing the LDAP server to exhaust CPU resources during any subsequent authentication attempt by the targeted user. Affected products span Red Hat Directory Server 11 through 13 and the 389-ds package as shipped across Red Hat Enterprise Linux 6 through 10. No public exploit has been identified at time of analysis, and active exploitation has not been confirmed by CISA KEV.

Denial Of Service Red Hat Directory Server 11 Red Hat Directory Server 12 Red Hat Directory Server 13 Red Hat Enterprise Linux 10 +4
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2026-11789 MEDIUM This Month

Denial-of-service in Red Hat's 389 Directory Server allows a highly privileged network attacker to crash the LDAP service by submitting a crafted password hash shorter than 16 bytes during authentication. The SMD5 password storage plugin performs an unsigned integer underflow (CWE-191) when computing salt length from this malformed input, producing a buffer over-read that terminates the server process. No public exploit code exists and this vulnerability has not been confirmed actively exploited (CISA KEV), but the impact is a complete loss of LDAP availability with low attack complexity once the required privilege level is achieved.

Denial Of Service Integer Overflow Red Hat Directory Server 11 Red Hat Directory Server 12 Red Hat Directory Server 13 +5
NVD VulDB
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-11788 HIGH This Week

Remote denial of service in 389 Directory Server (Red Hat Directory Server 11/12/13 and Red Hat Enterprise Linux 6 through 10) allows unauthenticated network attackers to crash the LDAP daemon by exploiting an unchecked BER structure allocation in the dereference control plugin when the host is under memory pressure. No public exploit identified at time of analysis, and EPSS exploitation probability is very low (0.09%, 25th percentile), but the unauthenticated network-reachable nature warrants prompt patching of internet-facing or business-critical directory services.

Denial Of Service Null Pointer Dereference Red Hat Directory Server 11 Red Hat Directory Server 12 Red Hat Directory Server 13 +5
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-46330 HIGH PATCH This Week

Use-after-free and VFS invariant violations in the Linux kernel SMC subsystem (5.17 through pre-6.19.4) allow local privileged users to trigger memory corruption and system instability via the TCP ULP-to-SMC conversion path. The upstream maintainers fully reverted the underlying commit d7cd421da9da rather than attempting an in-place fix, citing fundamental design flaws; no public exploit identified at time of analysis and EPSS sits at 0.02% (5th percentile).

Linux Denial Of Service Use After Free Memory Corruption
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
EPSS 0% CVSS 7.1
HIGH This Week

Regex injection in BuddyPress 14.4.0's activity mention resolver allows authenticated WordPress users to manipulate a REGEXP clause against the users table when username compatibility mode is enabled, enabling boolean-based username inference and denial of service via catastrophic backtracking. CVSS 4.0 scores this 7.1 with low confidentiality impact and high availability impact, reflecting the dual data-leakage and DoS outcomes. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Denial Of Service Nosql Injection
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Unbounded heap growth in Spring for Apache Kafka's DelegatingDeserializer allows an authenticated network producer to trigger a Denial of Service against any consumer application that opts into this deserializer. By flooding the consumer with Kafka records carrying unique, randomized spring.kafka.serialization.selector header values, an attacker forces unbounded cache growth on the consumer's JVM heap, ultimately inducing GC thrash and OutOfMemoryError. No public exploit identified at time of analysis, and this is not listed in the CISA KEV catalog, but the low-complexity, network-accessible attack surface warrants prompt remediation for affected deployments.

Denial Of Service Apache Java +1
NVD HeroDevs VulDB
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Uncontrolled resource consumption in Spring Data Commons exposes applications to a remote Denial of Service condition when two specific features are active simultaneously. An unauthenticated remote attacker can send a specially crafted HTTP request to any endpoint backed by a @ProjectedPayload-annotated controller method, triggering unbounded memory allocation that exhausts the JVM heap and crashes the application. The vulnerability spans eight major release lines (2.7.x through 4.0.x), making the potential blast radius broad across Spring-based Java backends. No public exploit code or CISA KEV listing has been identified at time of analysis, and the CVSS attack complexity rating of High reflects non-trivial preconditions that meaningfully limit opportunistic exploitation.

Denial Of Service Java Spring Data Commons
NVD HeroDevs
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial-of-service in Spring Data Commons (versions 2.7.0-4.0.5) allows remote unauthenticated attackers to exhaust JVM heap memory by repeatedly submitting unique property-name strings that are permanently retained in an internal property-lookup cache. The flaw maps to CWE-770 (Allocation of Resources Without Limits or Throttling) and carries a CVSS 7.5 (AV:N/AC:L/PR:N/UI:N) reflecting purely availability impact. No public exploit identified at time of analysis and the issue is not currently listed in CISA KEV.

Denial Of Service Java Spring Data Commons
NVD HeroDevs
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Denial of Service in Spring Data Commons affects applications that parse Sort parameters, triggering a StackOverflowException via crafted input. All major supported and legacy branches from 2.7.x through 4.0.x are affected, making the blast radius exceptionally broad across the Spring ecosystem. CVSS rates this Medium (5.9) with a high attack complexity qualifier (AC:H), unauthenticated network access (PR:N), and full availability impact (A:H); no active exploitation is confirmed and no public exploit code has been identified at time of analysis.

Denial Of Service Java Spring Data Commons
NVD HeroDevs VulDB
EPSS 0% CVSS 7.5
HIGH This Week

Denial of service in Spring Data Commons 3.4.x, 3.5.x, and 4.0.x allows remote unauthenticated attackers to exhaust server resources by supplying crafted property path strings that the MappingContext resolves inefficiently. The flaw is reachable wherever applications expose property path parsing to untrusted input, and with CVSS 7.5 (AV:N/AC:L/PR:N/UI:N) it is trivially triggerable, though no public exploit identified at time of analysis and the issue is not on the CISA KEV list.

Denial Of Service Java Spring Data Commons
NVD VulDB HeroDevs
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in Spring Security's SAML 2.0 service provider module allows remote unauthenticated attackers to exhaust application memory by submitting a maliciously compressed SAML payload over the REDIRECT binding. The flaw stems from an unbounded inflater that decompresses attacker-controlled data without size limits, enabling a classic decompression-bomb attack against any Spring application using SAML Login or Logout. No public exploit identified at time of analysis, but the network-reachable, no-authentication CVSS profile (7.5 High) makes this a near-term patching priority for SAML-enabled deployments.

Denial Of Service Java Spring Security
NVD VulDB HeroDevs
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Remote unauthenticated denial-of-service in MongoDB Server's BSON validation layer allows attackers to crash the mongod process by sending a crafted message containing nested binary structures that trigger uncontrolled mutual recursion. The CVSS 4.0 score of 8.7 reflects high availability impact with network attack vector and no authentication required. No public exploit identified at time of analysis, but the low-complexity, no-auth profile makes this a priority patch for internet-reachable MongoDB deployments.

Denial Of Service Mongodb Server
NVD VulDB
EPSS 0% CVSS 7.2
HIGH PATCH This Week

Memory disclosure and denial-of-service in MongoDB Server allows any authenticated user with aggregate command privileges to crash the database or read out-of-bounds memory by submitting a malformed binary diff through the $_internalApplyOplogUpdate aggregation pipeline stage. The flaw stems from inadequate validation of the binary diff document structure consumed by an internal oplog replay operator that is unexpectedly reachable from user-facing aggregation queries. No public exploit identified at time of analysis, but the low privilege bar and network attack vector make this a meaningful threat in multi-tenant or shared-credential MongoDB deployments.

Denial Of Service Mongodb Server
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Denial of service in MongoDB Server allows an authenticated user to crash the database process by issuing a geospatial query backed by a 2dsphere index where the indexed field holds a GeoJSON GeometryCollection containing a Polygon defined with a strict-winding CRS. The flaw is a CWE-476 null pointer dereference reached because the rejection guard for unsupported strict-winding polygons does not recurse into GeometryCollection members. No public exploit identified at time of analysis and the issue is not on the CISA KEV list.

Denial Of Service Null Pointer Dereference Mongodb Server
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

MongoDB Server exposes an availability and data integrity risk allowing any low-privileged authenticated user to crash the mongod process or obtain incorrect query results by inserting specially crafted documents. The root cause - insufficient separation between user-controlled document fields and internal execution metadata (CWE-617: Reachable Assertion) - means the attack surface is the normal document write workflow, requiring no elevated roles. CVSS 6.5 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) is consistent with this profile: network-reachable, low complexity, low-privilege; no public exploit or CISA KEV listing has been identified at time of analysis.

Denial Of Service Mongodb Server
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Remote denial-of-service in MongoDB Server allows an authenticated user to crash the mongod process by submitting an aggregation pipeline that places the $_internalConvertBucketIndexStats stage upstream of a $facet stage. The misuse of the internal PauseExecution signal trips a hard invariant assertion in TeeBuffer, terminating the database process. No public exploit identified at time of analysis, and the issue is tracked in MongoDB's internal tracker SERVER-123951.

Denial Of Service Mongodb Server
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Denial of service in MongoDB Server allows authenticated remote attackers to crash the database process by submitting aggregation pipelines that combine the internal fromRouter:true flag with runtimeConstants.userRoles. No public exploit identified at time of analysis, but the bug is tracked in MongoDB's public JIRA (SERVER-123918), which makes the trigger conditions discoverable. Impact is limited to availability (VA:H) with no data exposure or integrity compromise.

Denial Of Service Mongodb Server
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Denial of service in MongoDB Server occurs when an authenticated user issues a $changeStreams aggregation combined with the internal $_requestReshardingResumeToken option and the exchange option, triggering a reachable invariant that crashes the mongod process. Any logged-in user with low privileges can repeatedly invoke the crash on default deployments, producing service-wide downtime. No public exploit identified at time of analysis and the issue is not listed in CISA KEV, but the bug is vendor-confirmed via MongoDB Jira SERVER-124190.

Denial Of Service Microsoft Mongodb Server
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Denial of service in MongoDB Server 8.0 allows authenticated users with aggregation pipeline privileges to crash the server process by issuing a specially crafted aggregation followed by a getMore command on the same cursor, triggering a null pointer dereference in the aggregation stage's _subPipeline field. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV, but the low attack complexity and minimal privilege requirement make it a credible availability threat for multi-tenant or shared MongoDB deployments.

Denial Of Service Null Pointer Dereference Mongodb Server
NVD
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Pre-authentication denial-of-service in MongoDB Server allows unauthenticated remote clients to crash the database process by submitting a crafted 'mechanism' value to the 'authenticate' command when OIDC authentication is configured. The flaw carries a CVSS 4.0 base score of 8.2 driven by network reachability, no privileges required, and high availability impact; no public exploit identified at time of analysis and it is not listed in CISA KEV.

Denial Of Service Mongodb Server
NVD VulDB
EPSS 0% CVSS 7.5
HIGH This Week

Denial-of-service in Adobe CAI Content Credentials (c2pa-web 0.7.1 and c2pa 0.80.1 and earlier) allows remote unauthenticated attackers to crash the application by triggering an integer overflow during C2PA content processing. With a CVSS of 7.5 (AV:N/AC:L/PR:N/UI:N) and no public exploit identified at time of analysis, the bug carries pure availability impact - no data exposure or code execution - but is trivially reachable by anyone who can feed input to the library.

Denial Of Service Integer Overflow Cai Content Credentials
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Denial-of-service in Adobe's CAI Content Credentials SDK (c2pa-web 0.7.1 and c2pa 0.80.1 and earlier) allows remote unauthenticated attackers to crash the application by submitting malformed input that bypasses validation. The flaw carries a CVSS 7.5 rating driven entirely by availability impact, with no confidentiality or integrity consequences. There is no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.

Denial Of Service Cai Content Credentials
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

Uncontrolled resource consumption in Adobe CAI Content Credentials (c2pa-web@0.7.1 and c2pa-v0.80.1 and earlier) allows a local attacker without privileges to exhaust system resources, resulting in a denial-of-service condition. The vulnerability requires no user interaction, meaning it can be triggered programmatically by any process with local access to a system running the affected SDK. No public exploit code or CISA KEV listing has been identified at time of analysis.

Denial Of Service Cai Content Credentials
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

Improper input validation in Adobe's CAI Content Credentials SDK (c2pa-web@0.7.1 and c2pa-v0.80.1 and earlier) permits a local attacker to crash the consuming application by supplying malformed input, resulting in a denial-of-service condition. No user interaction is required once the attacker can deliver crafted input to the locally running process. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog; however, the crash-based impact and low attack complexity make it straightforward to trigger.

Denial Of Service Cai Content Credentials
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

Uncontrolled resource consumption in Adobe CAI Content Credentials SDK (c2pa-web@0.7.1 and c2pa-v0.80.1 and earlier) allows a local, unprivileged attacker to exhaust system resources and trigger an application-level denial-of-service condition. The CVSS vector confirms local attack vector with no privileges required and no user interaction, meaning any local process or user context capable of invoking the SDK can trigger the condition. No public exploit code or CISA KEV listing has been identified at time of analysis, and the availability impact is rated High with no confidentiality or integrity exposure.

Denial Of Service Cai Content Credentials
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

Uncontrolled resource consumption in Adobe's CAI Content Credentials SDK (c2pa-web@0.7.1 and c2pa-v0.80.1 and earlier) allows a local, unprivileged attacker to exhaust system resources and crash the hosting application. The CVSS vector confirms local access is required, limiting exposure primarily to environments where untrusted users share process space with SDK-consuming applications, such as multi-tenant systems or services that process attacker-supplied C2PA credential data from disk or local input. No public exploit has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.

Denial Of Service Cai Content Credentials
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Denial-of-service in Adobe CAI Content Credentials (c2pa-web 0.7.1 and c2pa 0.80.1 and earlier) allows remote unauthenticated attackers to exhaust system resources and crash the application by triggering uncontrolled resource consumption during C2PA content processing. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV, but the CVSS 7.5 score reflects easy network-based exploitation with no user interaction required. Affected deployments are those embedding Adobe's Content Authenticity SDK for verifying or generating C2PA provenance manifests on web-facing services.

Denial Of Service Cai Content Credentials
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader (versions 24.001.30365, 26.001.21651, and earlier) occurs when a victim opens a maliciously crafted PDF, triggering a use-after-free memory corruption that lets the attacker run code with the privileges of the logged-on user. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; however, Acrobat Reader is a perennial target for phishing-delivered malware, making patching a near-term priority. Adobe has issued APSB26-63 with fixed builds.

Memory Corruption RCE Use After Free +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader (versions 24.001.30365, 26.001.21651, and earlier) is triggered when a user opens a malicious PDF, exploiting a Use-After-Free memory corruption flaw to run code as the current user. No public exploit identified at time of analysis, and EPSS data was not provided, but the high CVSS of 7.8 combined with Reader's massive install base makes this a routine patch priority. Vendor (Adobe) issued advisory APSB26-63 with corrective updates.

Memory Corruption RCE Use After Free +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier results from a use-after-free memory corruption bug (CWE-416) triggered when a victim opens a malicious PDF. Code runs in the security context of the current user, making this a credible client-side initial-access vector via phishing or drive-by document delivery. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Memory Corruption RCE Use After Free +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader (versions 24.001.30365, 26.001.21651 and earlier) is possible when a victim opens a maliciously crafted PDF, triggering a use-after-free memory corruption flaw. Code runs with the privileges of the current user, and no public exploit identified at time of analysis, though Adobe has released APSB26-63 as the corresponding advisory.

Memory Corruption RCE Use After Free +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier is possible when a victim opens a maliciously crafted file that triggers a use-after-free in the document parser. The flaw runs code in the context of the logged-in user and carries a CVSS 7.8 (High) score, but requires user interaction; no public exploit identified at time of analysis and EPSS data is not provided in the input.

Memory Corruption RCE Use After Free +3
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Use After Free memory disclosure in Adobe Acrobat Reader versions 24.001.30365 and 26.001.21651 (and earlier) exposes sensitive process memory contents when a victim opens a specially crafted malicious file. The CVSS vector (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) confirms the attack is local, requires no privileges, but mandates user interaction - the victim must manually open the attacker-supplied document. Impact is limited to confidentiality (C:H), with no integrity or availability consequence. No public exploit identified at time of analysis, and the vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog.

Denial Of Service Adobe Use After Free +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader (versions 24.001.30365, 26.001.21651, and earlier) is possible when a victim opens a maliciously crafted document, triggering a use-after-free condition in the renderer. The flaw runs code in the context of the current user and has no public exploit identified at time of analysis, though Adobe issued advisory APSB26-63 confirming the vulnerability class and affected versions.

Memory Corruption RCE Use After Free +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier occurs through a use-after-free flaw triggered when a victim opens a maliciously crafted PDF document. Code executes in the context of the current user, making this a classic client-side document exploit vector. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.

Memory Corruption RCE Use After Free +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader (versions 24.001.30365, 26.001.21651 and earlier) is possible when a victim opens a maliciously crafted PDF that triggers a use-after-free condition in the parser. Exploitation runs at the privilege of the user opening the file, and no public exploit identified at time of analysis. CVSS 7.8 reflects the local attack vector and required user interaction, but Reader's massive install base makes this a high-value target for phishing-driven campaigns.

Memory Corruption RCE Use After Free +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier stems from a Use After Free condition (CWE-416) that triggers when a victim opens a malicious PDF, yielding execution in the context of the current user. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV, but the file-opening attack pattern is a perennial favorite in phishing and document-borne campaigns targeting Acrobat. Adobe has shipped fixed builds under advisory APSB26-63.

Memory Corruption RCE Use After Free +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier occurs through a use-after-free condition triggered by opening a malicious PDF document. Successful exploitation runs code in the context of the current user, but no public exploit identified at time of analysis and the issue requires user interaction to open the crafted file.

Memory Corruption RCE Use After Free +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Integer overflow in Adobe Acrobat Reader triggers an application crash when processing a specially crafted file, resulting in a denial-of-service condition. Versions 24.001.30365 and 26.001.21651 and earlier are confirmed affected per Adobe advisory APSB26-63. Impact is limited to availability - no confidentiality or integrity compromise is possible - and no public exploit or active exploitation has been identified at time of analysis.

Denial Of Service Adobe Integer Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Acrobat Reader 24.001.30365, 26.001.21651, and earlier versions occurs through a use-after-free condition triggered when a victim opens a malicious PDF file. Successful exploitation runs attacker-supplied code with the privileges of the current user, making this a viable phishing and drive-by document attack vector. No public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.

Memory Corruption RCE Use After Free +2
NVD
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Denial of service in the npm image-size library (versions 1.1.0-1.2.0 and 2.0.0-2.0.1) lets remote unauthenticated attackers hang any application that parses untrusted JXL, HEIF, or JP2 images. By supplying a crafted file whose ISO-BMFF-style box declares a size of zero, the findBox routine never advances its offset and enters an infinite loop during validation. No public exploit identified at time of analysis, though the vendor advisory includes payload details that make weaponization straightforward.

Denial Of Service Image Size
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW PATCH Monitor

{0}` or `{0+}`, allowing a smuggled literal-continuation marker to reach the IMAP server and cause it to absorb the next client command - hanging the issuing thread and, in multi-threaded environments, also the thread that sent the follow-up command. Rated low severity by the maintainers; no public exploit identified at time of analysis, but any application passing untrusted input to the affected raw argument parameters is at risk.

Denial Of Service Command Injection
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

NULL Pointer Dereference in Adobe InDesign Desktop versions 21.3 and 20.5.3 and earlier allows a local attacker to crash the application by delivering a crafted document file that a victim must open, resulting in a denial-of-service condition with no confidentiality or integrity impact. Exploitation is constrained by mandatory user interaction (UI:R) and a local attack vector (AV:L), significantly limiting real-world risk beyond targeted social-engineering scenarios involving design professionals. No public exploit code has been identified and CISA has not added this to the Known Exploited Vulnerabilities catalog.

Denial Of Service Null Pointer Dereference Indesign Desktop
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe InDesign Desktop 21.3, 20.5.3 and earlier stems from a use-after-free condition triggered when a user opens a maliciously crafted document, allowing an attacker to run code with the privileges of the logged-in user. The flaw is reported by Adobe with a CVSS 3.1 base score of 7.8 and tagged for RCE, denial of service, and memory corruption, but there is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Denial Of Service Use After Free Memory Corruption +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

NULL Pointer Dereference in Adobe InDesign Desktop versions 21.3, 20.5.3 and earlier enables a denial-of-service condition by crashing the application when a victim opens a specially crafted malicious file. The vulnerability carries no confidentiality or integrity impact - availability is the sole affected component. No public exploit code has been identified at time of analysis, and this CVE is not listed in the CISA KEV catalog, limiting its urgency relative to higher-severity Adobe vulnerabilities.

Denial Of Service Null Pointer Dereference Indesign Desktop
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Unrestricted resource allocation in AMD µProf allows a local low-privileged user to consume excessive system resources, resulting in a loss of availability (denial of service). The CVSS 4.0 score of 6.8 reflects a locally exploitable, low-complexity attack requiring only low privileges with no user interaction needed. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog at time of analysis; however, the straightforward nature of resource exhaustion attacks makes it a realistic local threat on systems where AMD µProf is deployed.

Denial Of Service Amd Amd Prof
NVD VulDB
EPSS 0% CVSS 6.8
MEDIUM This Month

Improper access control in AMD µProf exposes a kernel-shared memory section to low-privileged local users, enabling writes that can crash the system or cause a denial of service. All AMD µProf versions prior to 5.3 are affected across supported platforms. No public exploit code has been identified and this CVE is not listed in CISA KEV, but the CVSS 4.0 vector (AV:L/AC:L/AT:N/PR:L/UI:N) indicates straightforward local exploitation requiring only basic user privileges with no additional complexity or user interaction.

Denial Of Service Amd Amd Prof
NVD VulDB
EPSS 1% CVSS 7.5
HIGH POC PATCH Exploit Likely This Week

Remote denial-of-service in Microsoft's HTTP/2 implementation allows unauthenticated network attackers to exhaust server resources and disrupt service availability. The flaw (CWE-400, uncontrolled resource consumption) was reported by Microsoft's MSRC and carries a CVSS 7.5 score driven entirely by availability impact, with no public exploit identified at time of analysis.

Denial Of Service
NVD VulDB GitHub
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Windows Kernel allows an authenticated low-privileged user to elevate to SYSTEM by triggering a use-after-free condition (CWE-416). The flaw carries a CVSS 7.8 score with local attack vector and low privileges required, and no public exploit has been identified at time of analysis. Microsoft Security Response Center (MSRC) is the sole referenced authoritative source, indicating this is a vendor-discovered and vendor-tracked issue.

Microsoft Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Office Click-To-Run stems from a use-after-free condition (CWE-416) that lets an authorized low-privilege user elevate to higher privileges on the host. The flaw, reported by Microsoft's MSRC, carries a CVSS 7.0 (AV:L/AC:H/PR:L) reflecting that exploitation requires local access, low privileges, and a successful race-window or memory-state condition. No public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.

Microsoft Use After Free Memory Corruption +5
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Exploit Unlikely Act Now

Remote code execution in the Windows Kernel allows unauthenticated network attackers to execute arbitrary code by triggering a use-after-free condition (CWE-122 heap-related memory corruption). The flaw was reported by Microsoft (secure@microsoft.com) and carries a critical CVSS 9.8 with no public exploit identified at time of analysis. Tag metadata indicates the bug can also be leveraged for heap overflow and denial-of-service outcomes.

Denial Of Service Heap Overflow Microsoft +1
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Local privilege escalation in Microsoft Windows Kernel allows an authenticated low-privilege attacker to elevate to SYSTEM by triggering a use-after-free condition in kernel memory. The flaw carries a CVSS 7.0 rating with high attack complexity, and no public exploit identified at time of analysis. Exploitation requires a race condition or specific timing to be won, which constrains reliable weaponization but does not eliminate the risk on multi-user or shared Windows hosts.

Denial Of Service Heap Overflow Microsoft +14
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely Act Now

Local privilege escalation in the Windows Bluetooth Port Driver allows an authorized low-privileged attacker to elevate to higher privileges by triggering a use-after-free condition in the kernel-mode driver. The flaw is reported by Microsoft Security Response Center and carries a CVSS 7.0 (high) rating with high attack complexity, and no public exploit identified at time of analysis. EPSS data and CISA KEV status were not provided in the input, so widespread exploitation is not confirmed.

Microsoft Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Ancillary Function Driver (AFD.sys) for WinSock allows an authenticated low-privileged user to gain SYSTEM-level access through a use-after-free condition. The flaw was reported by Microsoft (MSRC) and carries a CVSS 7.8 score with high impact across confidentiality, integrity, and availability. No public exploit identified at time of analysis, though the AFD.sys driver has a long history of similar bugs being weaponized post-disclosure.

Denial Of Service Heap Overflow Microsoft +14
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Windows Desktop Window Manager (DWM) Core Library enables an authorized low-privileged user to gain elevated privileges through a use-after-free memory corruption flaw. The vulnerability carries a CVSS 3.1 score of 7.8 with high impact on confidentiality, integrity, and availability, and no public exploit identified at time of analysis. Exploitation requires the attacker to already have local code execution as a standard user, making it a strong candidate for post-compromise chaining toward SYSTEM-level access.

Microsoft Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 8.1
HIGH PATCH Exploit Unlikely This Week

Remote code execution in the Microsoft Windows Universal Plug and Play stack (upnp.dll) allows unauthenticated network attackers to execute arbitrary code on affected hosts by triggering a memory-safety flaw in the UPnP service. The issue carries a CVSS 3.1 base score of 8.1 (AV:N/AC:H/PR:N/UI:N), reflecting network reachability without credentials but high attack complexity. At time of analysis there is no public exploit identified and the CVE is not listed in CISA KEV.

Denial Of Service Memory Corruption Windows 10 1607 +12
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Bluetooth Service stems from a use-after-free condition (CWE-416) that an authenticated low-privilege user can trigger to gain elevated rights on the host. The CVSS 7.8 vector (AV:L/AC:L/PR:L/UI:N) reflects a fully local attack with high impact across confidentiality, integrity, and availability, and no public exploit has been identified at time of analysis. The flaw was reported by Microsoft (secure@microsoft.com) and tracked in the MSRC update guide.

Microsoft Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Ancillary Function Driver for WinSock (afd.sys) allows an authenticated low-privileged user to elevate to SYSTEM by winning a race condition that triggers a use-after-free. The flaw is reported by Microsoft (MSRC) and carries CVSS 7.0 with high attack complexity, but no public exploit is identified at time of analysis and it is not listed in CISA KEV.

Denial Of Service Microsoft Race Condition +13
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Ancillary Function Driver for WinSock (AFD.sys) allows an authenticated low-privileged attacker to win a race condition and gain SYSTEM-level execution. The flaw is a use-after-free triggered through concurrent WinSock operations, and at time of analysis no public exploit has been identified and the CVE is not on the CISA KEV list.

Denial Of Service Microsoft Race Condition +13
NVD VulDB
EPSS 0% CVSS 8.1
HIGH PATCH Exploit Unlikely This Week

Remote code execution in the Windows Universal Plug and Play service (upnp.dll) allows unauthenticated network attackers to execute arbitrary code by triggering a use-after-free condition. The flaw carries a CVSS 3.1 base score of 8.1, lowered by high attack complexity (AC:H) reflecting the race-condition or memory-state requirements typical of UAF bugs. No public exploit identified at time of analysis, and the CVE is not currently listed in CISA KEV; EPSS data was not provided in the input.

Denial Of Service Use After Free Memory Corruption
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Ancillary Function Driver for WinSock (afd.sys) allows an authenticated low-privileged user to win a race condition and trigger a use-after-free, enabling code execution at kernel level. No public exploit identified at time of analysis, but AFD.sys has a long history of being a preferred LPE target and Microsoft has marked the issue as important. EPSS data was not provided in the source feed.

Denial Of Service Microsoft Race Condition +13
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Ancillary Function Driver for WinSock (afd.sys) allows an authenticated local user to gain SYSTEM-level rights by winning a race condition that leads to a use-after-free in kernel memory. The flaw affects Windows installations where afd.sys is loaded (effectively all desktop and server SKUs) and was reported by Microsoft Security Response Center; no public exploit identified at time of analysis and the vulnerability is not listed on the CISA KEV catalog.

Denial Of Service Microsoft Race Condition
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Windows SDK enables an authenticated low-privileged attacker to elevate to higher privileges by exploiting a use-after-free memory corruption flaw. The CVSS 7.8 (AV:L/AC:L/PR:L) profile reflects local attack with low complexity and low privileges required, yielding full confidentiality, integrity, and availability impact. No public exploit identified at time of analysis and the vulnerability is not currently listed in CISA KEV.

Denial Of Service Microsoft Integer Overflow
NVD VulDB
EPSS 2% CVSS 7.5
HIGH PATCH Exploit Unlikely This Week

Remote denial of service in ASP.NET Core enables unauthenticated network attackers to exhaust server resources and disrupt application availability. The CVSS 7.5 score reflects high availability impact with low attack complexity and no required privileges or user interaction, though no public exploit identified at time of analysis. Microsoft (secure@microsoft.com) is the reporting source via MSRC, indicating a vendor-coordinated disclosure.

Denial Of Service Asp Net Core Visual Studio 2026 +1
NVD VulDB GitHub
EPSS 0% CVSS 8.2
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Linux MANA (Microsoft Azure Network Adapter) driver allows an authenticated attacker with high privileges on the host to escalate privileges across security boundaries by exploiting a use-after-free condition. The flaw was reported by Microsoft Security Response Center and carries a CVSS 3.1 score of 8.2 driven by scope change and high impact across confidentiality, integrity, and availability. No public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.

Denial Of Service Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Desktop Window Manager (DWM) Core Library enables an authenticated low-privilege attacker to gain elevated rights through a use-after-free memory corruption flaw. The issue carries a CVSS 7.8 (High) rating with total confidentiality, integrity, and availability impact, and no public exploit identified at time of analysis. CISA SSVC scoring marks exploitation as 'none' and not automatable, suggesting limited real-world activity despite the severe technical impact.

Microsoft Use After Free Memory Corruption +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Desktop Window Manager (DWM) Core Library allows an authenticated low-privileged user to elevate to higher privileges on the host by triggering a use-after-free condition. The flaw was reported by Microsoft (MSRC) and carries a CVSS 7.8 with no public exploit identified at time of analysis. EPSS data was not provided and the issue is not currently listed in CISA KEV.

Denial Of Service Microsoft Windows 11 26h1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local privilege escalation in the Windows Common Log File System (CLFS) Driver allows an authenticated low-privileged attacker to elevate to SYSTEM via a use-after-free memory corruption flaw. The vulnerability carries a CVSS 7.8 rating with high impact across confidentiality, integrity, and availability, and no public exploit identified at time of analysis. CLFS has a long history of being targeted for kernel-level privilege escalation, making this class of bug a recurring concern for Windows defenders.

Microsoft Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Desktop Window Manager (DWM) Core Library stems from a use-after-free condition (CWE-122) that lets an authenticated low-privileged user gain elevated rights on affected Windows systems. The flaw was reported by Microsoft (secure@microsoft.com) and tracked via MSRC, with no public exploit identified at time of analysis and no CISA KEV listing. CVSS 7.8 reflects high impact on confidentiality, integrity, and availability once the attacker has local foothold.

Denial Of Service Heap Overflow Microsoft +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Windows Desktop Window Manager (DWM) Core Library allows an authenticated low-privileged user to elevate to SYSTEM via a use-after-free memory corruption flaw. CVSS 7.8 with high impact to confidentiality, integrity, and availability, but currently no public exploit identified at time of analysis and CISA SSVC rates exploitation status as 'none' with automation as 'no'.

Microsoft Use After Free Memory Corruption +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Use-after-free in the Windows Network Controller (NC) Host Agent enables a locally authenticated attacker to crash the service, resulting in a denial of service on affected Windows Server deployments. The vulnerability carries a CVSS score of 5.5 (Medium) with local attack vector and low-privilege requirements, limiting its blast radius to service availability - confidentiality and integrity are unaffected. No public exploit code exists and CISA KEV listing is absent at time of analysis, though a vendor patch from Microsoft is available and should be prioritized on Windows Server deployments leveraging Software Defined Networking.

Microsoft Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Desktop Window Manager (DWM) Core Library allows an authenticated low-privileged user to elevate to higher privileges by exploiting a use-after-free memory corruption flaw (CWE-416). The issue was reported by Microsoft's security team (secure@microsoft.com) and tracked via MSRC, with no public exploit identified at time of analysis. Successful exploitation yields full confidentiality, integrity, and availability impact on the local host.

Microsoft Use After Free Memory Corruption +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Desktop Window Manager (DWM) Core Library allows an authenticated low-privilege attacker to gain higher privileges through a use-after-free memory corruption flaw. The vulnerability carries a CVSS score of 7.8 with high impact across confidentiality, integrity, and availability, and no public exploit identified at time of analysis. Successful exploitation typically yields SYSTEM-level code execution on the affected Windows host.

Microsoft Use After Free Memory Corruption +11
NVD VulDB
EPSS 0% CVSS 8.1
HIGH PATCH Exploit Unlikely This Week

Remote code execution in Microsoft Windows Deployment Services (WDS) allows unauthenticated network-based attackers to execute arbitrary code by exploiting a use-after-free memory corruption flaw (CWE-416). The CVSS 8.1 score reflects high impact on confidentiality, integrity, and availability, though exploit complexity is rated High. No public exploit identified at time of analysis, and SSVC marks exploitation status as none with the flaw classified as not automatable.

Microsoft Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Likely This Week

Local privilege escalation in the Microsoft Graphics Component allows an authenticated low-privileged attacker to gain elevated rights via a use-after-free memory corruption flaw (CWE-416). The issue carries a CVSS 7.8 (High) rating with full confidentiality, integrity, and availability impact on the affected host. No public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.

Microsoft Denial Of Service Memory Corruption +14
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Local privilege escalation in Microsoft Windows Kernel allows an authorized low-privileged attacker to gain elevated (SYSTEM-level) privileges by triggering a use-after-free condition in kernel memory. The flaw carries a CVSS 7.0 (High) rating with high attack complexity, and Microsoft has released a patch via MSRC; no public exploit identified at time of analysis. Successful exploitation breaks the local Windows security boundary, enabling full host compromise from any authenticated session.

Microsoft Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft Windows Desktop Window Manager (DWM) Core Library enables an authenticated low-privileged attacker to gain elevated privileges through a use-after-free memory corruption flaw. CVSS 7.8 reflects high impact on confidentiality, integrity, and availability but requires local access and existing user-level credentials. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.

Microsoft Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH Exploit Unlikely This Month

Windows Kerberos out-of-bounds read (CWE-125) allows a low-privilege network attacker to crash the Kerberos authentication service across all actively supported Windows client and server platforms, from Windows Server 2012 through Windows Server 2025 and Windows 11 26H1. The attack requires prior domain authentication and high-complexity triggering conditions (CVSS AC:H), limiting opportunistic mass exploitation, though a successful attack against a domain controller can deny authentication domain-wide by crashing the KDC. Vendor patches are available via the Microsoft MSRC advisory; no public exploit code exists and SSVC confirms no observed exploitation at time of analysis.

Denial Of Service Information Disclosure Microsoft +14
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in the Windows Ancillary Function Driver for WinSock (afd.sys) allows an authenticated low-privileged user to elevate to SYSTEM via a use-after-free condition. The flaw affects Microsoft Windows installations using the standard WinSock kernel driver and has a vendor-released patch available through Microsoft's security update guide. No public exploit has been identified at time of analysis, though afd.sys has historically been a frequent target for elevation-of-privilege exploitation.

Microsoft Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH Exploit Likely This Week

Local privilege escalation in the Windows Desktop Window Manager (DWM) Core Library enables an authorized low-privilege user to elevate to higher privileges via a use-after-free condition. The flaw carries a CVSS 7.8 (High) and no public exploit identified at time of analysis, though Microsoft has acknowledged the issue through MSRC. Successful exploitation grants full confidentiality, integrity, and availability impact on the affected host.

Microsoft Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Null pointer dereference in Windows Kerberos enables an authenticated network attacker to crash the Kerberos service, causing denial of service. The CVSS vector (AV:N/AC:L/PR:L/UI:N) confirms exploitation is achievable over the network by any low-privilege authenticated user with no user interaction required, resulting in high availability impact (A:H) with no confidentiality or integrity consequences. No active exploitation confirmed (not in CISA KEV), and no public exploit code has been identified at time of analysis.

Denial Of Service Null Pointer Dereference Microsoft
NVD VulDB
EPSS 0% CVSS 7.0
HIGH PATCH Act Now

Local privilege escalation in the Windows Ancillary Function Driver for WinSock (AFD.sys) allows an authenticated low-privileged user to elevate to SYSTEM by triggering a use-after-free condition in the kernel-mode driver. No public exploit identified at time of analysis and the issue is not listed in CISA KEV, but AFD.sys has a long history of being targeted for kernel EoP, making this a likely candidate for future weaponization. CVSS 7.0 reflects the high attack complexity required to reliably win the underlying race or reuse condition.

Microsoft Use After Free Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.3
HIGH This Week

Heap-based buffer overflow in NVIDIA DALI enables local authenticated attackers to achieve code execution, data tampering, denial of service, or information disclosure when a victim user interacts with attacker-supplied input. The flaw affects the Data Loading Library used in GPU-accelerated deep learning data pipelines and carries a CVSS 3.1 score of 7.3 (High). No public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Nvidia Heap Overflow RCE +3
NVD
EPSS 0% CVSS 7.3
HIGH This Week

Local code execution and data tampering in NVIDIA DALI (Data Loading Library) is possible when a low-privileged user is tricked into processing attacker-controlled input through a component that performs improper index validation (CWE-129). The CVSS 7.3 vector (AV:L/AC:L/PR:L/UI:R) indicates local access, low privileges, and user interaction are required, with high impact across confidentiality, integrity, and availability. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Denial Of Service Information Disclosure Nvidia +1
NVD
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

Resource exhaustion in Hermes WebUI before v0.51.270 allows unauthenticated remote attackers to degrade service availability by abusing the WebAuthn passkey options endpoint without rate limiting or challenge lifecycle enforcement. Repeated POST requests to the authentication endpoint cause the server-side challenge store file to grow without bound, generating sustained CPU load and disk I/O pressure through continuous JSON file rewrites. No public exploit identified at time of analysis and not listed in CISA KEV; EPSS data was not available in provided intelligence. The fix is confirmed in the vendor-released v0.51.270.

Denial Of Service Hermes Webui
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in FreeSWITCH prior to version 1.11.1 allows remote unauthenticated attackers to crash the entire telephony process by sending a single WebSocket frame carrying a deeply nested JSON document. The recursive parsing exhausts the worker thread's stack and triggers SIGSEGV via the kernel stack guard page, terminating all active calls and sessions on the host. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV, but the trivial network-reachable trigger and availability-only impact make it a credible service-disruption risk for exposed VoIP infrastructure.

Denial Of Service Freeswitch
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Unauthenticated outbound bandwidth amplification in FreeSWITCH versions prior to 1.11.1 allows remote attackers to coerce the server into emitting roughly 20 GB of traffic per short request via the mod_verto WebSocket #SPU speed-test command. The pre-auth code path parses the requested payload size with atoi() and only rejects non-positive values, letting a peer ask for up to INT_MAX bytes and triggering a size*10 download. No public exploit is identified at time of analysis, but the high-severity CVSS (7.5, A:H) and trivial trigger make this a credible DDoS-as-a-service primitive.

Denial Of Service Freeswitch
NVD GitHub
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

Heap corruption in FreeSWITCH libesl prior to version 1.11.1 allows a malicious or man-in-the-middle Event Socket Library (ESL) peer to crash or corrupt the memory of any process linked against libesl by sending a frame containing a negative Content-Length header. The flaw is pre-authentication and reachable before the client completes authentication to the peer, and no public exploit identified at time of analysis despite a CVSS of 9.1.

Denial Of Service Freeswitch
NVD GitHub
EPSS 0% CVSS 5.1
MEDIUM PATCH This Month

Denial of service in Elixir's standard library Version module (versions 1.5.0 through 1.20.0) allows any caller passing an attacker-controlled version string to exhaust CPU and memory or crash the calling BEAM process. The five public entry points - Version.parse/1, Version.parse!/1, Version.match?/3, Version.compare/2, and Version.parse_requirement/1 - pass numeric version components to :erlang.binary_to_integer/1 without length bounds, triggering super-linear arbitrary-precision integer conversion; a single ~1 MB all-digit component suffices. Applications routinely invoke these functions on untrusted input (HTTP parameters, package metadata), making the effective attack surface broader than the CVSS AV:L classification implies. No public exploit has been identified at time of analysis, and the vulnerability is not listed in CISA KEV.

Denial Of Service Suse Red Hat
NVD GitHub
EPSS 0% CVSS 4.9
MEDIUM This Month

Stack buffer overflow in 389 Directory Server's pw.c checkPrefix() function allows a network-accessible Directory Manager to crash the LDAP server by storing a crafted credential with an oversized algorithm ID. The vulnerable code copies attacker-controlled input into a fixed 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. FORTIFY_SOURCE compiler hardening constrains impact to denial of service - preventing arbitrary code execution - but service disruption against a critical authentication infrastructure component remains operationally significant. No public exploit identified at time of analysis.

Denial Of Service Stack Overflow Buffer Overflow +8
NVD VulDB
EPSS 0% CVSS 4.9
MEDIUM This Month

Uncontrolled CPU consumption in Red Hat 389 Directory Server's PBKDF2-SHA256 password storage plugin allows a highly privileged attacker who has write access to stored password hashes to craft a hash embedding an arbitrarily large iteration count, causing the LDAP server to exhaust CPU resources during any subsequent authentication attempt by the targeted user. Affected products span Red Hat Directory Server 11 through 13 and the 389-ds package as shipped across Red Hat Enterprise Linux 6 through 10. No public exploit has been identified at time of analysis, and active exploitation has not been confirmed by CISA KEV.

Denial Of Service Red Hat Directory Server 11 Red Hat Directory Server 12 +6
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Denial-of-service in Red Hat's 389 Directory Server allows a highly privileged network attacker to crash the LDAP service by submitting a crafted password hash shorter than 16 bytes during authentication. The SMD5 password storage plugin performs an unsigned integer underflow (CWE-191) when computing salt length from this malformed input, producing a buffer over-read that terminates the server process. No public exploit code exists and this vulnerability has not been confirmed actively exploited (CISA KEV), but the impact is a complete loss of LDAP availability with low attack complexity once the required privilege level is achieved.

Denial Of Service Integer Overflow Red Hat Directory Server 11 +7
NVD VulDB
EPSS 0% CVSS 7.5
HIGH This Week

Remote denial of service in 389 Directory Server (Red Hat Directory Server 11/12/13 and Red Hat Enterprise Linux 6 through 10) allows unauthenticated network attackers to crash the LDAP daemon by exploiting an unchecked BER structure allocation in the dereference control plugin when the host is under memory pressure. No public exploit identified at time of analysis, and EPSS exploitation probability is very low (0.09%, 25th percentile), but the unauthenticated network-reachable nature warrants prompt patching of internet-facing or business-critical directory services.

Denial Of Service Null Pointer Dereference Red Hat Directory Server 11 +7
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use-after-free and VFS invariant violations in the Linux kernel SMC subsystem (5.17 through pre-6.19.4) allow local privileged users to trigger memory corruption and system instability via the TCP ULP-to-SMC conversion path. The upstream maintainers fully reverted the underlying commit d7cd421da9da rather than attempting an in-place fix, citing fundamental design flaws; no public exploit identified at time of analysis and EPSS sits at 0.02% (5th percentile).

Linux Denial Of Service Use After Free +1
NVD VulDB
Prev Page 15 of 406 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy