Denial Of Service
Monthly
Remote code execution in Google Chrome desktop before 150.0.7871.115 lets a remote attacker run arbitrary code (constrained to the renderer sandbox) by luring a victim to a crafted HTML page that triggers a use-after-free in the Actor component. The flaw is network-reachable and requires only that the user visit a malicious page, but Chromium rates the severity High rather than Critical because code execution stays inside the renderer sandbox. No public exploit identified at time of analysis; no EPSS or KEV signal was supplied in the input.
Sandbox escape in Google Chrome for Android before 150.0.7871.115 stems from a use-after-free in the Autofill component, letting a remote attacker who lures a victim to a crafted HTML page potentially break out of the renderer sandbox. Rated High by Chromium and carrying a CVSS 9.6 due to the scope-changing impact, it currently has no public exploit identified at time of analysis and is not listed in CISA KEV. A vendor patch shipped via the Chrome Stable channel update.
Remote heap corruption in Google Chrome desktop before 150.0.7871.115 stems from a use-after-free (CWE-416) in Ozone, the platform abstraction layer that mediates windowing, graphics, and input. A remote attacker who lures a victim into loading a crafted HTML page can trigger the freed-memory reuse and potentially achieve renderer-level code execution; Chromium rates the underlying flaw Critical. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the network-reachable, no-privilege, low-complexity CVSS 8.8 profile makes it a high-priority browser patch.
Heap corruption in Google Chrome's Views UI framework (versions prior to 150.0.7871.115) lets a remote attacker who lures a user into performing specific UI gestures on a crafted HTML page potentially execute code or crash the browser via a use-after-free. Google rates the Chromium severity High; there is no public exploit identified at time of analysis and it is not listed in CISA KEV, though Chrome UAF bugs are historically attractive exploitation targets.
Use after free in Extensions in Google Chrome prior to 150.0.7871.115 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)
Renderer-process code execution in Google Chrome desktop before 150.0.7871.115 arises from a use-after-free in the IndexedDB implementation, letting a remote attacker run arbitrary code within the Chromium sandbox when a victim opens a crafted HTML page. Chromium rated the flaw Medium severity even though the CVSS base score is 8.8, reflecting that execution is confined to the sandboxed renderer rather than the host. A vendor patch is available and no public exploit has been identified at time of analysis.
Remote denial of service in OpENer 2.3.0 (commit 76b95cf), an open-source EtherNet/IP (CIP) communication stack, lets unauthenticated network attackers exhaust device resources through the network processing loop, rendering the affected industrial device unavailable. The flaw carries CVSS 7.5 (availability-only impact) and publicly available exploit code exists (referenced GitHub gist and issue #562), though it is not listed in CISA KEV and EPSS is low at 0.20% (10th percentile), indicating no observed widespread exploitation. Because OpENer typically runs on embedded ICS/IIoT endpoints, loss of availability can translate directly to loss of process visibility or control.
Remote denial of service in the JavaScript @libp2p/gossipsub module (all versions prior to 16.0.0) lets any connected peer stall a victim node by sending oversized IHAVE/IWANT control messages. Because defaultDecodeRpcLimits left maxIhaveMessageIDs and maxIwantMessageIDs set to Infinity, a single 4 MB RPC frame forces roughly 180,000 message IDs to be iterated synchronously, blocking the Node.js event loop and freezing the process. No public exploit identified at time of analysis; the flaw is remotely reachable without authentication against affected default configurations.
Denial of service in Wireshark 4.6.0-4.6.6 and 4.4.0-4.4.16 is caused by a heap-based buffer overflow in the Catapult DCT2000 protocol dissector, crashing the application when a crafted capture file is opened. The CVSS local attack vector (AV:L) and required user interaction (UI:R) constrain exploitation to scenarios where an analyst is socially engineered into opening a malicious capture file - no remote or unauthenticated network exploitation path exists. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV; vendor-released fixes are available in 4.6.7 and 4.4.17.
The pcapng file parser in Wireshark 4.6.0 through 4.6.6 contains a heap-based buffer overflow (CWE-122) that crashes the application, resulting in denial of service. An attacker must convince a user to open a specially crafted pcapng capture file, making this a social-engineering-dependent attack with no network-facing exploitation path. No public exploit code has been identified at time of analysis and the vulnerability is not listed in CISA KEV; a vendor patch is available in Wireshark 4.6.7.
The FMP/NOTIFY protocol dissector in Wireshark 4.6.0-4.6.6 and 4.4.0-4.4.16 crashes when processing malformed packet data, resulting in a denial of service against the application. Exploitation requires a victim to open a crafted packet capture file or analyze injected traffic, making this a social-engineering-dependent vector rather than a remotely triggerable flaw. A vendor-released patch is available in versions 4.6.7 and 4.4.17; no public exploit or CISA KEV listing has been identified at time of analysis.
Wireshark's SSH protocol dissector crashes via a null pointer dereference (CWE-476) in versions 4.4.0-4.4.16 and 4.6.0-4.6.6, enabling denial of service against any analyst or engineer running an affected build. The flaw is triggered locally when Wireshark processes malformed SSH protocol data, whether from a live capture or a crafted packet capture file, causing the application to crash and disrupting network analysis workflows. No active exploitation has been confirmed in CISA KEV, and no public exploit code is known at time of analysis.
Heap-based buffer overflow in Wireshark's Z39.50 protocol dissector crashes the application when processing malformed Z39.50 PDUs, resulting in denial of service. Affected versions span the 4.4.x branch (4.4.0-4.4.16) and 4.6.x branch (4.6.0-4.6.6). An attacker can trigger the crash by persuading an analyst to open a crafted packet capture file or by injecting malicious Z39.50 traffic onto a monitored network segment; no active exploitation (CISA KEV) or public exploit code has been identified at time of analysis.
Denial of service in Wireshark's UMTS FP protocol dissector affects the 4.6.0-4.6.6 and 4.4.0-4.4.16 release branches, where a malformed UMTS Frame Protocol packet triggers a heap-based buffer overflow (CWE-122) that crashes the application. A remote attacker who can get the crafted frame parsed - via live capture on a monitored segment or a shared capture file - can reliably terminate the analyzer, with no confidentiality or integrity impact. Publicly available exploit code exists (SSVC=poc) but it is not on CISA KEV, and EPSS is low at 0.14% (4th percentile), indicating minimal observed exploitation pressure.
Denial of service in Wireshark's DBS Etherwatch dissector affects release branches 4.6.0 through 4.6.6 and 4.4.0 through 4.4.16, where a malformed capture file or crafted packet can crash the application. The flaw is a stack-based buffer overflow (CWE-121) that manifests only as an availability impact - no confidentiality or integrity loss and no confirmed code execution - carrying a 7.5 (High) CVSS. No public exploit identified at time of analysis and the CVE is not listed in CISA KEV.
Stack-based buffer overflow in Wireshark's IEEE 802.11 (Wi-Fi) protocol dissector crashes the application, resulting in denial of service across versions 4.6.0-4.6.6 and 4.4.0-4.4.16. An attacker with the ability to deliver a malicious packet capture file, or inject crafted 802.11 frames into a live capture session, can crash the Wireshark process on a victim analyst's machine. No public exploit code has been identified at time of analysis and the vulnerability is not listed in the CISA KEV catalog; vendor-released patches (4.6.7 and 4.4.17) are available.
Denial of service in Wireshark 4.6.0 through 4.6.6 lets a remote attacker crash the application by feeding it a malformed TLS packet using the Encrypted Client Hello (ECH) extension, triggering a heap buffer overflow in the ECH decryptor. No authentication or user interaction beyond processing the traffic is required, though impact is limited to availability (analyzer crash) with no code execution or data disclosure claimed. Publicly available exploit code exists per SSVC (POC), EPSS is low at 0.14% (4th percentile), and it is not listed in CISA KEV.
Denial of service in Wireshark's ciscodump remote capture utility (extcap) affects versions 4.6.0 through 4.6.6 and 4.4.0 through 4.4.16, where a heap-based buffer overflow (CWE-122) can crash the capture tool. An attacker able to feed crafted data to a running ciscodump session can terminate the process, disrupting live packet capture. A POC is referenced by CISA's SSVC assessment (no public exploit code independently identified), it is not in CISA KEV, and EPSS is very low at 0.10% (1st percentile), indicating minimal likelihood of widespread exploitation.
Denial of service in Wireshark 4.6.0-4.6.6 and 4.4.0-4.4.16 lets a remote attacker crash or hang the application by feeding it crafted packets that trigger infinite loops in multiple protocol dissectors. No public exploit is identified at time of analysis, and the flaw is limited to availability - no code execution or data exposure. Real-world urgency is modest: EPSS sits at 0.12% and CISA SSVC rates exploitation as 'none' with only partial technical impact.
Memory corruption in the User-ID Terminal Server Agent (TSA) of Palo Alto Networks PAN-OS lets an unauthenticated network attacker crash the service (DoS) or potentially execute arbitrary code by sending crafted traffic to the TSA listener. Multiple out-of-bounds write bugs are involved; the vendor's CVSS 4.0 vector flags the exploit as unproven (E:U), and no public exploit has been identified at time of analysis. Panorama is explicitly not affected, and exposure hinges on whether the optional TSA component is deployed and reachable.
Path traversal in DSpace's Curation Task reporter parameter exposes authenticated Collection, Community, and Site Administrators to file write operations at arbitrary server-side paths writable by the DSpace/Tomcat OS user. Affected are DSpace versions through 7.6.6, 8.0-8.3, and 9.0-9.2, where the attack surface widened when web UI access was granted to admin roles beyond CLI-only system administrators. No public exploit or CISA KEV listing exists; the vendor-assigned CVSS 3.1 score of 5.5 (PR:H, A:H) correctly reflects that high-privilege credentials are required but the availability impact from overwriting configuration or binary files can be severe.
Authorization bypass in Zalando Skipper (<= v0.26.8) lets remote unauthenticated attackers defeat the opaAuthorizeRequestWithBody OPA filter by sending the request body with HTTP/1.1 Transfer-Encoding: chunked or HTTP/2 framing that omits content-length. Because net/http sets ContentLength = -1 for such requests, Skipper's body extractor buffers an empty body, so Rego policies that gate on input.parsed_body evaluate against an empty document, fail open, and forward the forbidden payload upstream. Publicly available exploit code exists (a full E2E Go PoC is embedded in the GHSA advisory); the flaw is not in CISA KEV and no EPSS score was provided.
ReDoS vulnerability in the guardrails-detectors component of Red Hat OpenShift AI enables adjacent-network attackers to submit specially crafted regular expressions to the public detection API, triggering catastrophic backtracking that pins a worker process at 100% CPU indefinitely. The availability impact extends beyond the component itself - the entire guardrails-mediated LLM pipeline is rendered non-functional. No public exploit identified at time of analysis, but exploitation requires no authentication and trivial effort from an adjacent network position.
Denial of service in the pypdf Python PDF library (all versions prior to 6.14.1) allows a remote attacker to hang a consuming application by supplying a malicious PDF. A page content stream containing an unterminated inline image drives the inline-image end-marker detection logic into an infinite loop, most notably triggered during page text extraction. No public exploit has been identified at time of analysis, but the CVSS 4.0 score of 8.7 reflects an unauthenticated, low-complexity availability attack, and a fixed release (6.14.1) is available.
Denial of service in pypdf before 6.14.2 lets a remote attacker hang any application that parses an attacker-supplied PDF: a page content stream carrying an unterminated inline image with an ASCII85 or ASCIIHex filter drives the parser into an infinite loop (CWE-835), most notably during page text extraction. The pure-Python library is very widely used in document-processing and data-ingestion pipelines, so a single malicious file can pin a CPU core and stall the worker. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the root cause is well-described and trivially reproducible.
{{ huge_array | pop }}` trigger an O(N) full clone of an attacker-influenced array that bypasses the engine's configured memoryLimit budget, enabling denial of service through memory exhaustion. The `pop` array filter in src/filters/array.ts clones its input via `[...toArray(v)]` without routing the allocation through `this.context.memoryLimit.use(...)`, so the safety guard applications rely on is silently defeated. There is no public exploit identified at time of analysis, EPSS/KEV data was not supplied, and the impact is limited to availability (no confidentiality or integrity loss).
Uncontrolled resource consumption in pypdf prior to 6.14.0 allows unauthenticated remote attackers to cause denial of service by submitting a crafted PDF containing repeated malformed cross-reference streams. The library's XRef table recovery routine performs unbounded work on such inputs, leading to excessive CPU time consumption and effectively hanging or severely degrading any application that processes attacker-supplied PDFs. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.
Memory exhaustion in HashiCorp memberlist before 0.6.0 allows network-accessible attackers to crash individual cluster nodes by sending crafted push/pull state synchronization messages to the gossip port, triggering unbounded memory allocation until the process terminates. The vulnerability is rooted in missing resource limits on incoming gossip state payloads (CWE-770). No public exploit code exists and CISA KEV listing is not confirmed; however, because memberlist underpins HashiCorp Consul, Nomad, and Vault cluster communication, a single exploitable node crash can disrupt distributed coordination in dependent systems.
Unbounded recursion in Mistune's Include directive (all versions prior to 3.3.0) can be triggered by a pair of mutually-referencing markdown files, bypassing the cycle detector that only checks for direct self-inclusion. An attacker who can supply markdown content processed by an application using the Include directive may crash the rendering request with a Python RecursionError, resulting in a denial of service. No public exploit has been identified at time of analysis and the vulnerability is not listed in CISA KEV; a confirmed fix is available in version 3.3.0.
Denial of service in Mistune (the lepture Python Markdown parser) before 3.3.0 lets remote unauthenticated attackers exhaust CPU by submitting a Markdown document packed with many repeated or distinct reference-link definitions, which triggers quadratic-time processing in the block parser and its ref_links dictionary handling. Any service that renders attacker-supplied Markdown through Mistune (wikis, comment systems, docs pipelines, notebook converters) can be stalled with a single crafted input. No public exploit is identified at time of analysis and it is not in CISA KEV, but the low-complexity, no-auth vector makes weaponization trivial.
Denial of service in Mistune, a widely used pure-Python Markdown parser, affects all versions prior to 3.3.0 where the default inline parser exhibits quadratic (O(n²)) behavior on long runs of well-formed double- or triple-asterisk emphasis pairs. Because the parser rescans forward for matching close markers from every candidate opening run, a small crafted Markdown payload forces disproportionate CPU consumption, exhausting resources on any service that renders untrusted Markdown. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the low attack complexity and unauthenticated network vector make availability impact realistic against default configurations.
Denial of service in Mistune, a Python Markdown parser, affects all versions prior to 3.3.0 when the strikethrough, mark, or insert plugins are enabled. Remote attackers can submit crafted Markdown containing runs of closed tilde (~), equals (=), or caret (^) marker pairs that trigger quadratic-time scanning in the formatting plugin, exhausting CPU and rendering the parsing service unresponsive. No public exploit identified at time of analysis, and the flaw is not in CISA KEV; impact is limited to availability with no data exposure.
Denial of service in the Immutable.js JavaScript library (versions before 4.3.9 and 5.1.8) allows attackers who can influence an index or size value to crash or hang a Node.js/browser process. Passing a value between 2^30 and 2^31 to List#set, setSize, setIn, updateIn (or the functional equivalents) drives setListBounds into an uncatchable infinite loop on empty Lists, unbounded memory allocation until process abort on populated Lists, or a silent integer wrap on setSize. No public exploit code has been identified at time of analysis, and the flaw is not on the CISA KEV list; impact is availability-only.
Denial of service in Engine.IO 6.5.0 through 6.6.6 (the transport layer beneath Socket.IO) lets remote unauthenticated attackers crash the server by supplying a crafted session ID like '__proto__' during a WebTransport upgrade. Because the session ID is looked up against the internal clients object without guarding inherited properties, the resolved value is a prototype function rather than a client, triggering a TypeError that terminates request handling. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the trigger is trivial to reproduce on any server that has WebTransport enabled.
Denial-of-service via infinite loop in protobuf.js (the pure-JavaScript Protocol Buffers implementation for Node.js/browsers) affects versions 8.0.0 through <8.6.6 and 7.5.0 through <7.6.5. When the parser reads an option declaration in a .proto schema it advances through tokens looking for '=' without checking for end-of-input, so a truncated schema (e.g. 'option foo') hangs parse(), Root.load, or Root.loadSync forever, pinning a CPU core and stalling the event loop. No public exploit is identified at time of analysis and it is not in CISA KEV; EPSS is low (0.33%, 25th percentile), matching the SSVC rating of exploitation 'none' but automatable.
Denial of service in node-tar prior to 7.5.18 allows remote attackers to hang a Node.js application by feeding it a crafted tar archive: a checksum-valid header carrying a negative base-256 encoded entry size makes the tar.replace scanner advance zero bytes and re-parse the same header forever. No public exploit or active exploitation is identified at time of analysis, but the CVSS 4.0 base score of 8.7 reflects the high, easily-reachable availability impact. Only applications that call tar.replace on untrusted archive input are affected.
Uncontrolled resource consumption in node-tar before 7.5.19 lets a small crafted gzip bomb exhaust disk space and CPU on any Node.js application that extracts or parses attacker-supplied tar archives. Because node-tar imposes no upper bound on total decompressed size, entry count, or compression ratio in its extract and parse paths, a tiny malicious file can inflate to consume all available storage and processing, causing denial of service. No public exploit has been identified, but the fix is a straightforward, well-documented behavior change published in the vendor advisory GHSA-23hp-3jrh-7fpw.
Denial of service in Wazuh wazuh-modulesd (all releases before 5.0.0-beta3) lets an enrolled agent crash the manager's inventory synchronization module by sending a verifier-valid FlatBuffer DataValue message that omits the optional id field, triggering a null pointer dereference (CWE-476). Exploitation requires only a valid enrolled agent (PR:L) over the network with no user interaction; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Impact is availability-only - no data confidentiality or integrity loss - but it can repeatedly take down central inventory sync, blinding a security monitoring deployment.
Heap buffer overflow in ImageMagick's FTXT encoder exposes systems to denial of service and potential information disclosure when processing attacker-crafted image files. All ImageMagick versions before 7.1.2-19 are affected due to missing boundary checks when parsing the ftxt:format parameter, allowing an out-of-bounds read (CWE-125) in the FTXT encoder component. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog, though a vendor patch is available at 7.1.2-19.
## Summary Remote code execution and denial of service in FreeRDP before 3.22.0 stem from a use-after-free in the dynamic virtual channel manager (drdynvc), where `dvcman_channel_close` and `dvcman_call_on_receive` access `channel_callback` without proper synchronization (CWE-362). A malicious or compromised RDP server can race DYNVC_DATA and DYNVC_CLOSE messages to free a channel callback while another thread still uses it, corrupting the client heap. This is a client-side flaw affecting anyone connecting to an attacker-controlled server; no public exploit identified at time of analysis, and it is not listed in CISA KEV. ## Technical Context FreeRDP is a widely used open-source implementation of the Microsoft Remote Desktop Protocol, embedded in clients such as Remmina, GNOME Connections, Weston, and numerous commercial and VDI products. The bug lives in the drdynvc (Dynamic Virtual Channel) subsystem, which multiplexes optional channels (clipboard, audio, device redirection, etc.) over the RDP connection and processes them on a dedicated client thread. Per CWE-362 (concurrent execution using shared resource with improper synchronization / race condition), `dvcman_channel_close` (handling DYNVC_CLOSE) can free the `channel_callback` structure while `dvcman_call_on_receive` (handling DYNVC_DATA) is concurrently dereferencing it, producing a heap use-after-free. Because the RDP server dictates the timing and ordering of DYNVC_DATA and DYNVC_CLOSE PDUs, a hostile server controls the race window. ## Risk Assessment The published CVSS 4.0 vector (AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H) yields 8.3 (High), driven mainly by high availability impact with lower confidentiality/integrity impact — consistent with a heap corruption that reliably crashes the client (DoS) but only potentially yields RCE. AC:H correctly reflects that success depends on winning a non-deterministic thread race, which is unreliable and may require many attempts. There is no EPSS score, no KEV listing, and no confirmed public POC in the provided data, so exploitation pressure is currently low-to-unknown; the RCE and Denial Of Service tags reflect potential impact, not observed attacks. One nuance to verify: the vector uses UI:N/PR:N, but this is a client-side vulnerability requiring the victim to connect to a malicious server — a real-world limiting factor that raw CVSS understates. Net: a legitimate patch priority for fleets whose users connect to untrusted or reachable RDP endpoints, but not an emergency mass-exploitation scenario given AC:H and no evidence of exploitation. ## Affected Products FreeRDP (the open-source RDP client/library and its FreeRDP-based clients) at all versions prior to 3.22.0 are affected; the flaw is fixed in FreeRDP 3.22.0. No CPE strings were provided in the input, so exact downstream package ranges (e.g., distribution builds of Remmina or the freerdp2/freerdp3 packages) should be confirmed against vendor trackers. Authoritative details are in the FreeRDP GitHub Security Advisory GHSA-3mv2-5q57-2v8h (https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-3mv2-5q57-2v8h) and the VulnCheck advisory (https://www.vulncheck.com/advisories/freerdp-use-after-free-via-race-condition-in-drdynvc-channel-callback). ## Remediation Vendor-released patch: FreeRDP 3.22.0 — upgrade all FreeRDP libraries and any FreeRDP-based clients (Remmina, GNOME Connections, xrdp clients, etc.) to 3.22.0 or later, rebuilding or updating downstream distribution packages that bundle the library. Until patched, reduce exposure by only connecting to trusted, known-good RDP servers and avoiding connections to untrusted or attacker-influenced hosts, since the malicious behavior originates server-side; where feasible, restrict outbound RDP (TCP 3389) from client machines to an allowlist of approved servers via egress firewall rules (trade-off: breaks ad-hoc connections to new servers). If specific dynamic virtual channels are not required, disabling optional channel redirections (clipboard, drive, audio) narrows the attack surface of drdynvc but does not fully eliminate the race and reduces functionality. Follow guidance in GHSA-3mv2-5q57-2v8h (https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-3mv2-5q57-2v8h) and the VulnCheck advisory (https://www.vulncheck.com/advisories/freerdp-use-after-free-via-race-condition-in-drdynvc-channel-callback). ## Exploit Scenario An attacker stands up or compromises an RDP server and lures a victim into connecting with a vulnerable FreeRDP client (e.g., via a malicious .rdp file, phishing link, or a man-in-the-middle position). Once connected, the server rapidly interleaves DYNVC_DATA and DYNVC_CLOSE messages on a dynamic virtual channel to win the race and trigger the heap use-after-free in the client's drdynvc thread, crashing the client or, with careful heap grooming, potentially executing code in the client process. No public POC is identified at this time, and the AC:H race condition makes reliable code execution difficult. ## Exploitation Conditions Exploitation requires the victim to establish an RDP session to an attacker-controlled or compromised server running against a FreeRDP client before 3.22.0, and the connection must use the drdynvc dynamic virtual channel path. The attacker must then concurrently send DYNVC_DATA and DYNVC_CLOSE messages on a dynamic virtual channel to win a timing race in `channel_callback` access. Limiting factors: the attacker must control the RDP server side (this is a client-side vulnerability, so it cannot be triggered against an unwilling client that never connects), the exploit depends on winning a non-deterministic thread race (CVSS AC:H) so it is unreliable and may require repeated attempts, and reliable code execution beyond a crash requires heap-layout control. No authentication to the malicious server is needed, but the user must initiate the outbound connection. ## Attack Chain Lure victim to malicious RDP server → Client opens dynamic virtual channel (drdynvc) → Server races DYNVC_DATA and DYNVC_CLOSE → Trigger heap use-after-free on channel_callback → Crash client or execute code in client process ## Confidence Notes Affected/fixed version (before 3.22.0; fixed in 3.22.0), root cause, and functions are confirmed by the FreeRDP GitHub Security Advisory GHSA-3mv2-5q57-2v8h and the VulnCheck advisory. CVSS 4.0 vector, 8.3 score, and CWE-362 are provided in the input; RCE is described as potential, not demonstrated. Not listed in CISA KEV and no EPSS score or public POC was provided, so real-world exploitation status is unknown; downstream package version ranges are not confirmed due to absent CPE data. ## Prevalence high ## Prevalence Basis core open-source RDP library embedded in many Linux remote-desktop clients ## Assessed CVSS Vector CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H ## Assessed CVSS Rationale Client-side flaw needing the victim to connect to a malicious server (UI:R) and to win a thread race (AC:H); heap corruption gives high availability impact with limited C/I. ## Assessed CVSS 4.0 Vector CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
Cross-tenant bundle deletion in Capgo (Capacitor live/OTA update platform) before 12.128.2 lets holders of an upload-scoped API key rewrite the mutable app_versions.r2_path column through the PostgREST data API, retargeting it at another tenant's Cloudflare R2 objects. By pointing a soft-deleted attacker version at a victim bundle and firing the on_version_update cleanup trigger, an attacker deletes the victim's R2 object, breaking that app's over-the-air update delivery. No public exploit is identified at time of analysis, but the mechanism is fully described and CVSS 4.0 rates availability impact as High (8.7).
Denial of service in Dell PowerProtect Data Domain (DDOS versions 7.7.1.0 through 8.7, plus LTS2026 8.6.1.0-8.6.1.10, LTS2025 8.3.1.0-8.3.1.30, and LTS2024 7.13.1.0-7.13.1.70) allows a remote, unauthenticated attacker to crash or hang the appliance by triggering an integer overflow (CWE-190). Per the CVSS vector (PR:N/UI:N), no authentication or user interaction is required, and the impact is confined to availability (C:N/I:N/A:H) - no data disclosure or code execution. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV; EPSS was not provided.
Denial of service in Tanium Server allows remote unauthenticated attackers to exhaust availability of the platform, per vendor advisory TAN-2026-016. The flaw is network-reachable with low complexity and no privileges or user interaction (CVSS 7.5, availability-only impact), and the CWE-789 classification indicates an uncontrolled/excessive memory allocation can be triggered remotely. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Use-after-free memory corruption in Foxit PDF Reader and Foxit PDF Editor (versions 2026.1.1/14.0.4 and earlier) allows a crafted PDF containing embedded JavaScript to free page objects and trigger a dangling write to pop-up annotation objects. An attacker who convinces a user to open a malicious document can crash the application and potentially achieve arbitrary code execution in the user's context. No public exploit identified at time of analysis; the flaw was reported privately by Foxit.
Denial-of-service (and potential memory-corruption) in Foxit PDF Editor (≤14.0.4 / ≤13.2.4 / ≤2026.1.1) and Foxit PDF Reader (≤2026.1.1) arises when a crafted PDF's embedded JavaScript rewrites the document to alter the page structure, freeing the underlying page objects while the thumbnail renderer continues to reference them - a classic use-after-free (CWE-416). A victim who merely opens the file triggers the dangling reference, causing an application crash and, given the CVSS confidentiality/integrity impact, a plausible path to code execution. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Denial-of-service in Foxit PDF Reader and Foxit PDF Editor (versions 2026.1.1 and earlier) occurs when a victim opens a crafted PDF whose embedded JavaScript deletes the current page, after which subsequent scripts dereference now-freed document-view properties and crash the application. This is a CWE-416 use-after-free reported by Foxit; no public exploit identified at time of analysis, and it is not listed in CISA KEV. The documented impact is an application crash, though the underlying memory-corruption class warrants caution about potential escalation.
Use-after-free memory corruption in Foxit PDF Reader and Foxit PDF Editor lets a crafted PDF containing JavaScript trigger stale field-pointer dereferences after the script deletes form fields, corrupting memory and crashing the application. The flaw affects Foxit PDF Editor 14.0.4 and earlier and Foxit PDF Reader 2026.1.1 and earlier and requires the victim to open a malicious file. There is no public exploit identified at time of analysis, and the issue is not listed in CISA KEV; Foxit's own CVSS of 7.8 (C:H/I:H/A:H) implies potential code execution beyond the crash described.
Memory corruption in Foxit PDF Reader and Foxit PDF Editor (versions 2026.1.1, 13.2.4, 14.0.4 and earlier) allows attackers to crash the application and potentially corrupt memory when a victim opens a malicious PDF whose embedded JavaScript walks a deliberately damaged form-field tree. The bug is a use-after-free (CWE-416): field traversal leaves the program holding a freed/invalid form object, and dereferencing that invalid pointer causes the crash. No public exploit identified at time of analysis; disclosure originates from Foxit's own security bulletin.
Memory corruption in Foxit PDF Reader and Foxit PDF Editor allows a crafted PDF to trigger a use-after-free through the embedded JavaScript engine, where a form field object is deleted and then re-accessed, crashing the application. The flaw affects PDF Editor through 13.2.4, 14.0.4, and 2026.1.1, and PDF Reader through 2026.1.1, and was reported by Foxit. No public exploit has been identified at time of analysis, though CVSS scores the impact as high across confidentiality, integrity, and availability, implying potential exploitation beyond a simple crash.
Use-after-free memory corruption in Foxit PDF Reader (2026.1.1 and earlier) and Foxit PDF Editor (through 14.0.4, 13.2.4, and 2026.1.1) allows a remote attacker to execute arbitrary code or crash the application when a victim opens a maliciously crafted PDF. The flaw stems from JavaScript-driven form modifications that leave page-related objects with incomplete lifecycle management, so the application dereferences freed/invalid objects on page-state changes. No public exploit identified at time of analysis, and it is not listed in CISA KEV; while the description emphasizes a crash, the CVSS vector rates full confidentiality, integrity, and availability impact, consistent with exploitable memory corruption.
Memory corruption in Foxit PDF Reader (≤2026.1.1) and Foxit PDF Editor (≤14.0.4, ≤13.2.4, and ≤2026.1.1) allows an attacker to trigger a use-after-free when a victim opens a maliciously crafted PDF whose hyperlink annotation objects use abnormal relationships and field combinations. The flaw manifests as an invalid pointer write during object destruction; while the vendor description only confirms an application crash, the vendor-assigned CVSS (C:H/I:H/A:H) and CWE-416 classification indicate potential for arbitrary code execution. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Memory-corruption crash (and potential code execution) in Foxit PDF Reader and Foxit PDF Editor occurs when a PDF's embedded JavaScript writes annotation attributes without sufficient object-type and argument validation, corrupting the internal annotation structure so the application faults during subsequent object release (CWE-763). Local exploitation requires a user to open a crafted PDF; there is no public exploit identified at time of analysis and the flaw is not in CISA KEV. The vendor rates full confidentiality, integrity, and availability impact (CVSS 7.8), though Foxit tags it as Denial of Service.
Use-after-free memory corruption in Foxit PDF Editor and Foxit PDF Reader allows a crafted PDF to crash the application when its embedded JavaScript resets annotation status and then triggers a reset-form additional action, causing the parser to re-enter and dereference freed objects. Local victims who open a malicious document are affected; the CVSS 3.1 base score is 7.8. No public exploit was identified at time of analysis, and the issue is not listed in CISA KEV.
Denial of service in Foxit PDF Editor and Foxit PDF Reader arises when the application renders a PDF containing cloud-style annotation/border appearances, because the code that builds that geometry omits an upper-bound limit and consistency checks. A local attacker who convinces a user to open a malicious PDF can trigger an out-of-bounds array access that crashes the application; no public exploit has been identified at time of analysis and the flaw is not listed in CISA KEV. Although the NVD vector claims high confidentiality and integrity impact, the vendor description and tags describe only a crash.
Use-after-free memory corruption in Foxit PDF Reader and Foxit PDF Editor allows a crafted PDF to crash the application when its embedded JavaScript deletes pages and removes attachment annotations while the attachment panel still references freed pointers. A victim must open the malicious document (UI:R), and no public exploit has been identified at time of analysis. Although the reported behavior is an application crash, Foxit's own CVSS scoring rates confidentiality, integrity, and availability all High, implying potential for code execution beyond denial of service.
Type-confusion memory corruption in Foxit PDF Reader and Foxit PDF Editor allows a crafted PDF containing an abnormal annotation object - one referenced by other objects - to bypass proper type checking during parsing, corrupting memory and crashing the application. Exploitation requires a user to open the malicious file locally (UI:R); there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV, so the current confirmed impact is denial of service, though the CWE-843 class leaves open potential for code execution.
Use-after-free memory corruption in Foxit PDF Editor (≤14.0.4, ≤13.2.4, ≤2026.1.1) and Foxit PDF Reader (≤2026.1.1) allows an attacker to corrupt object state and read an illegal memory address when a victim opens a crafted PDF that manipulates form-field properties via embedded JavaScript. The immediate observed impact is an application crash (denial of service), but the CWE-416 root cause and the vendor's CVSS confidentiality/integrity ratings indicate potential for arbitrary code execution in the context of the user. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.
Use-after-free memory corruption in Foxit PDF Editor (≤14.0.4) and Foxit PDF Reader (≤2026.1.1) allows a crafted PDF containing malicious form-reset JavaScript to trigger a stale control-pointer dereference, crashing the application and potentially enabling arbitrary code execution in the victim's context. Exploitation requires the user to open a booby-trapped document; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Foxit, the reporting vendor, has issued a security bulletin covering the affected versions.
Use-after-free during PDF field processing in Foxit PDF Editor and Foxit PDF Reader allows a crafted document to delete the current page and then reuse now-dangling field objects, causing an illegal memory read and application crash. Affects Foxit PDF Editor through 14.0.4 / 2026.1.1 and Foxit PDF Reader through 2026.1.1; exploitation requires a user to open a malicious PDF. No public exploit identified at time of analysis and the flaw is not in CISA KEV; vendor (Foxit) reported it and tags it primarily as denial of service / memory corruption.
Use-after-free memory corruption in Foxit PDF Editor and Foxit PDF Reader is triggered when JavaScript embedded in a malicious PDF resets form fields and re-enters the interface, causing the application to invoke a method on a freed native object. An attacker who convinces a user to open a crafted PDF can crash the application, and because the flaw is a use-after-free (CWE-416), it carries potential for memory-corruption abuse beyond denial of service. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Memory corruption in Foxit PDF Reader and Foxit PDF Editor allows a crafted PDF containing embedded JavaScript to trigger a use-after-free (CWE-416) when the script manipulates a list box field and the form is subsequently reset. A victim who merely opens the malicious document can have the application dereference a dangling pointer to freed form-field memory; Foxit itself reported the flaw and CVSS rates it 7.8. No public exploit or CISA KEV listing exists, so this is no public exploit identified at time of analysis, though use-after-free in a scriptable PDF engine is a classic path toward code execution.
Use-after-free in the GLX dispatch layer of X.Org X Server and Xwayland allows an authenticated X client to corrupt heap memory by triggering a contextTags array reallocation while a stale pointer is still held. The attacker crafts a deterministic sequence of exactly 34 GLX requests - 17 CreateContext and 17 MakeCurrent calls - to force the realloc, after which GlxFreeContextTag writes zeros into freed memory at five fixed offsets. No CVSS vector or KEV listing is present; the vulnerability was discovered by an anonymous researcher through Trend Micro Zero Day Initiative (ZDI-CAN-30561), indicating active vulnerability research interest though no public exploit has been confirmed.
OpenSSH sshd before version 10.4 fails to consistently enforce its built-in minimum authentication delay, undermining the rate-limiting defense designed to slow credential-guessing attacks against SSH services. All OpenSSH releases prior to 10.4 are affected across all platforms, enabling unauthenticated remote attackers to submit authentication attempts at a rate higher than the daemon intends to permit. No public exploit code has been identified and the vulnerability is absent from CISA KEV; however, the trivial attack complexity combined with OpenSSH's near-universal deployment footprint makes prompt patching appropriate.
Denial of service in OpenSSH sshd before 10.4 lets remote unauthenticated attackers exhaust server resources by driving excessive authentication attempts, because the MaxAuthTries cap was not correctly enforced for the GSSAPIAuthentication path. Only deployments that have enabled GSSAPI-based authentication are exposed, and there is no public exploit identified at time of analysis. EPSS is low (0.34%, 26th percentile) and CISA SSVC records no observed exploitation, so this is a real but non-urgent availability issue rather than a code-execution threat.
NULL pointer dereference in SQLite's Session Extension crashes any application that passes attacker-controlled changeset blobs to sqlite3changeset_apply_v3(). Affected releases include SQLite 3.53.1 and all trunk builds prior to check-in e807d4e3798efd53. Impact is limited to availability - the process crashes - but because SQLite is embedded ubiquitously, the blast radius depends entirely on how widely consuming applications expose this code path to untrusted input. A public proof-of-concept gist is referenced in the CVE record; no public exploit identified at time of analysis beyond that demonstrator, and the vulnerability is not listed in CISA KEV.
SMTP command injection in aiosmtplib (all versions through 5.1.0) enables any attacker who can influence email addresses passed to SMTP.mail(), SMTP.rcpt(), SMTP.vrfy(), SMTP.expn(), or the higher-level SMTP.sendmail() to inject arbitrary SMTP protocol commands by embedding CR/LF bytes in the address string. Applications that accept sender or recipient addresses from untrusted input - web forms, APIs - and forward them to these methods without CR/LF sanitization are at risk of session desynchronization, client-side denial of service via SMTP client hang, or delivery of attacker-crafted email through the victim application's SMTP connection. No vendor-released patch version is confirmed from available data at time of analysis, and no public exploit has been identified.
Unbounded recursive descent in the RaTeX Rust crate ratex-parser crashes the entire host process when fed deeply nested LaTeX input. The mutual recursion across parse_expression, parse_atom, and parse_group in crates/ratex-parser/src/parser.rs carries no depth guard, so roughly 200,000 nested braces (~400 KB of input, or far less on async worker threads with 512 KB stacks) exhausts the native OS stack and triggers a fatal SIGABRT from which the process cannot recover. In any server-side math rendering deployment that accepts untrusted LaTeX, this constitutes a reliable unauthenticated denial-of-service; publicly available exploit code confirms trivial reproduction with a Python one-liner.
Denial of service in RaTeX, a Rust LaTeX-rendering library (crate ratex-parser), lets remote attackers crash any service that parses untrusted LaTeX by submitting a 9-byte `\verb` command whose delimiter is a multibyte UTF-8 character (e.g. `\verbéxé`). The parser slices the verbatim argument using byte indices rather than character boundaries, so index 1 lands inside the `é` character and Rust panics; because the release profile sets `panic = "abort"`, the panic terminates the entire process, not just one request. Publicly available exploit code exists (a one-line PoC in the GHSA advisory); no active exploitation is reported.
Regular-expression denial of service in the String::Util Perl module (versions before 1.36) lets remote unauthenticated attackers exhaust CPU by supplying a string with a long run of whitespace to the trim or rtrim functions. The vulnerable `s/\s*$//u` pattern backtracks quadratically over whitespace runs, so any application feeding untrusted input through these helpers is exposed. No public exploit code has been identified; EPSS is low (0.19%, 9th percentile) and the flaw is not on CISA KEV, indicating no observed active exploitation.
Integer underflow in the OpenWrt Emergency Access Daemon crashes the daemon when any unauthenticated attacker on the local network sends a single crafted UDP packet to it. Affected are all OpenWrt versions prior to v25.12.5. The CVSS adjacent-network vector (AV:A) constrains the attack surface to local or adjacent network segments, but within that context exploitation requires no credentials and no user interaction - a single malformed packet suffices. No public exploit code or CISA KEV listing has been identified at time of analysis; the patch is confirmed available in v25.12.5.
Phoenix Framework's Presence JavaScript client allows any user with ordinary channel access to permanently break presence synchronization for all other viewers of an affected channel topic. By joining a channel using a key name that collides with an Object.prototype property (such as '__proto__', 'constructor', or 'toString'), an attacker causes an uncaught TypeError inside Presence.syncState and Presence.syncDiff that halts all further presence updates for every connected viewer until the attacker disconnects. This is not in CISA KEV, no public exploit has been identified, and the CVSS 4.0 score of 6.3 reflects the limited but persistent client-side availability impact with no server-side exposure.
Denial of service in the Phoenix Framework (Elixir) affects any endpoint mounting a Phoenix.Socket with a reachable WebSocket or LongPoll channel transport, in versions from 0.11.0 up to the fixed 1.5.15, 1.6.17, 1.7.24, and 1.8.9. Because transports place no cap on channels joined per connection, one unauthenticated client can stream unlimited phx_join messages down a single connection to spawn hundreds of thousands of channel processes and exhaust the BEAM process table, taking the whole node offline. Rated CVSS 4.0 8.7 (availability-only impact); no public exploit identified at time of analysis, though the mechanics are described in detail in the vendor advisory.
Heap-buffer-overflow in 389 Directory Server's DN normalization routine allows an unauthenticated remote attacker to corrupt heap memory and likely crash the LDAP service. The flaw triggers when the server processes an LDAP operation - such as a search request - whose base DN contains a legacy-quoted value encoding a multivalued nested Relative Distinguished Name (RDN), causing an out-of-bounds write during RDN attribute-value pair sorting. Per the confirmed CVSS vector (PR:N), no authentication is required; no public exploit code or CISA KEV listing has been identified at time of analysis.
Null pointer dereference in the ONNX Python library's version converter crashes any application that calls `onnx.version_converter.convert_version()` on a crafted model containing an Upsample node with zero inputs, producing an unrecoverable SIGSEGV. Affected versions include at minimum onnx 1.21.0 and 1.22.0, confirmed by a 107-byte public proof-of-concept; the vulnerability is part of a systemic pattern spanning eight adapters. No public active exploitation is confirmed in CISA KEV, but the trivially small PoC eliminates any meaningful exploitation barrier for threat actors targeting ML model conversion pipelines.
Kernel denial-of-service in Zephyr RTOS v4.4.0's Dhara flash translation layer driver crashes the system during FTL disk initialization when a flash error coincides with the journal-resume checkpoint scan. The driver's dhara_nand_read/erase/prog/copy callbacks unconditionally dereference the caller-supplied err pointer, but the upstream Dhara library legitimately passes NULL during its binary search in find_last_checkblock(), triggering a NULL write and kernel fault. No public exploit code has been identified and this CVE is absent from the CISA KEV catalog; exploitation is gated on specific flash media conditions (uncorrectable ECC, bad block, or induced fault) occurring on a checkpoint page at mount time, constraining real-world risk to physical or supply-chain threat models.
Denial of service in Red Hat / 389 Directory Server (389-ds-base, versions since ~1.3.2/2013) allows an authenticated LDAP client to crash the server by sending an oversized UNBIND packet over a SASL integrity-protected connection. The oversized data overflows a fixed 512-byte heap receive buffer in sasl_io_recv() (sasl_io.c), and in FreeIPA / Red Hat IdM any domain user, enrolled host, or service account with a valid Kerberos ticket can trigger it after GSSAPI authentication. There is no public exploit identified at time of analysis, and this flaw is distinct from the earlier CVE-2025-14905 schema.c overflow, which did not fix this code path.
Heap memory corruption in GIMP's PSD (Photoshop) file parser allows a malicious .psd image to overflow an integer in read_RLE_channel(), producing an undersized heap allocation for the RLE row-length table that is then overwritten row-by-row, potentially yielding denial of service or arbitrary code execution. The flaw affects GIMP as shipped across Red Hat Enterprise Linux 6 through 9 and is triggered when a victim opens or imports a crafted PSD file. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Uncaught Exception in the Gallagher Controller 6000 and Controller 7000 diagnostic web interface allows an authenticated and authorized operator to force a controller restart by sending specific crafted requests, causing a temporary denial of service. Affected versions span Gallagher Command Centre 9.20 through 9.50 (pre-patch) and all versions of 9.10 and earlier. No public exploit code exists and no active exploitation has been identified; the high privilege requirement substantially limits real-world attack surface to insider or compromised-operator scenarios.
Gallagher Command Centre's T20 Readers component crashes and restarts when an authenticated, high-privilege operator sends specific crafted requests, causing a temporary denial of service. Exploitation requires existing operator-level credentials and authorization - this cannot be triggered by unauthenticated or low-privilege users. The vulnerability carries a CVSS 2.7 (Low) score with no public exploit code and no CISA KEV listing, indicating minimal real-world threat beyond insider misuse or compromised operator accounts.
NULL pointer dereference in GPAC's smooth_parse_stream_index() function crashes the application when processing a maliciously crafted MPEG-DASH or Smooth Streaming media file, resulting in denial of service. Affected versions are all GPAC master HEAD builds prior to commit b35c61f104b85fbb16520ac2838d5d2ef70845b5. Exploitation requires local access and user interaction to open a crafted file; a proof-of-concept is publicly available via GitHub Gist, though EPSS sits at 0.17% (7th percentile) and no active exploitation has been confirmed by CISA KEV.
Memory exhaustion in Coder's AI Bridge feature allows an authenticated member-level user to crash the entire control plane by sending arbitrarily large HTTP request bodies to provider endpoints such as `/api/v2/aibridge/anthropic/v1/messages`. Because AI Bridge runs in-process with `coderd`, a single crafted request can grow heap memory until the OS terminates the process, taking down the API server, workspace coordinator, and DERP relay simultaneously. No public exploit has been identified at time of analysis, but the vendor credits Anthropic's Security Team (ANT-2026-22443) with independent discovery, indicating external security research attention. Patched versions are available for the affected v2.33 and v2.34 release lines.
Authorization bypass in the Coder devcontainer recreate endpoint allows any authenticated user holding only read-level workspace access - such as Template Admin or Org Template Admin roles - to trigger a destructive container rebuild that destroys uncommitted in-container state. Unlike the sibling delete endpoint, which correctly enforces an ActionUpdate check, the recreate endpoint relied solely on route middleware verifying ActionRead, leaving the destructive operation unguarded against lower-privileged principals. No public exploit has been identified at time of analysis; vendor-confirmed patches are available across all supported release lines.
Denial of service in Coder's coderd server allows any authenticated user with file-upload access to exhaust server memory by uploading a crafted zip bomb via POST /api/v2/files, crashing the service before RBAC checks execute. Affected versions span all supported release lines prior to v2.34.2, v2.33.8, v2.32.7, and v2.29.17 (ESR). No public exploit has been identified at time of analysis; the impact is strictly an availability loss - the advisory explicitly confirms no data disclosure or code execution is possible, contradicting the 'RCE' tag present in the intelligence feed.
Uncontrolled memory allocation in Coder's provisioner daemon allows an authenticated user to crash the entire coderd deployment with a single ~50-byte network message. The vulnerability exists in the NewDataBuilder function within provisionersdk/proto/dataupload.go, which blindly allocates a byte slice using a client-supplied FileSize field from a DataUpload DRPC message, with no upper-bound validation. By declaring a massive FileSize value such as 1 TiB, an attacker with provisioner daemon credentials can trigger a Go runtime out-of-memory abort, terminating coderd and denying service to all users of the deployment. No public exploit code has been identified and this vulnerability is not listed in CISA KEV at time of analysis.
Arbitrary file write as root via symlink attack in Linuxfabrik Monitoring Plugins affects any deployment using the provided sudoers configuration. The monitoring plugins create SQLite databases at predictable, static paths under /tmp; an attacker who has already gained access to the nagios service account can pre-place symlinks at those paths, and when a monitoring script is subsequently invoked via sudo, it follows the symlink and writes a SQLite database to any attacker-chosen path on the filesystem. A proof-of-concept is included in the GitHub Security Advisory GHSA-r35r-fpx2-jgr4, and no CISA KEV listing or CVSS score has been assigned at time of analysis.
Denial of service in vLLM 0.12.0 through 0.23.x lets any authorized API caller crash the entire inference server by submitting a pure prompt-embeddings payload to the /v1/completions endpoint when a model using M-RoPE (multimodal rotary position embedding) is loaded. The malformed request trips a reachable assertion in the EngineCore process, which terminates the whole server rather than rejecting the single request. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; the flaw is fixed in vLLM 0.24.0.
Denial of service in vLLM inference servers prior to 0.24.0 allows remote unauthenticated attackers to hang an inference worker indefinitely by submitting a single request with an adversarial regular expression via the structured_outputs.regex API parameter. The pattern is passed to grammar compiler backends (xgrammar with no guard, outlines with structural-but-not-complexity validation) where nested quantifiers trigger exponential state-space expansion (ReDoS). No public exploit identified at time of analysis, though the trivial request-based trigger makes weaponization straightforward.
Denial of service in the vLLM LLM inference server (all versions prior to 0.24.0) allows a remote client to crash the shared engine worker by sending a specific multi-request speculative decoding workload. The rejection sampler produces a recovered token equal to the vocabulary-size boundary, which is coerced to -1, written back into the drafter's input ids, and later dereferenced by the embedding/attention path, triggering a GPU device-side assertion that kills the worker. There is no public exploit identified at time of analysis and this CVE is not in CISA KEV; per CVSS the impact is availability-only (C:N/I:N/A:H) with a low EPSS profile expected for a crash-only bug.
Null Pointer Dereference in Adobe DNG SDK versions 1.7.1 build 2536 and earlier allows an attacker to crash any application embedding the SDK by supplying a specially crafted DNG file. The flaw is strictly a denial-of-service with no confidentiality or integrity impact, and requires a victim to open the malicious file, constraining realistic exposure to imaging pipelines or end-user applications that ingest untrusted DNG content. No public exploit code and no active exploitation have been identified at time of analysis.
Memory exhaustion in vLLM 0.22.0-0.23.0 allows authenticated API callers to crash or destabilize the inference server by uploading arbitrarily large audio files. The `/v1/audio/transcriptions` and `/v1/audio/translations` endpoints invoke `request.file.read()` to fully buffer multipart uploads into process memory before the `VLLM_MAX_AUDIO_CLIP_FILESIZE_MB` size guard is evaluated, meaning the size limit is checked only after the damage is done. No public exploit is identified at time of analysis; vendor-confirmed fix is available in version 0.24.0.
Remote code execution in Google Chrome desktop before 150.0.7871.115 lets a remote attacker run arbitrary code (constrained to the renderer sandbox) by luring a victim to a crafted HTML page that triggers a use-after-free in the Actor component. The flaw is network-reachable and requires only that the user visit a malicious page, but Chromium rates the severity High rather than Critical because code execution stays inside the renderer sandbox. No public exploit identified at time of analysis; no EPSS or KEV signal was supplied in the input.
Sandbox escape in Google Chrome for Android before 150.0.7871.115 stems from a use-after-free in the Autofill component, letting a remote attacker who lures a victim to a crafted HTML page potentially break out of the renderer sandbox. Rated High by Chromium and carrying a CVSS 9.6 due to the scope-changing impact, it currently has no public exploit identified at time of analysis and is not listed in CISA KEV. A vendor patch shipped via the Chrome Stable channel update.
Remote heap corruption in Google Chrome desktop before 150.0.7871.115 stems from a use-after-free (CWE-416) in Ozone, the platform abstraction layer that mediates windowing, graphics, and input. A remote attacker who lures a victim into loading a crafted HTML page can trigger the freed-memory reuse and potentially achieve renderer-level code execution; Chromium rates the underlying flaw Critical. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the network-reachable, no-privilege, low-complexity CVSS 8.8 profile makes it a high-priority browser patch.
Heap corruption in Google Chrome's Views UI framework (versions prior to 150.0.7871.115) lets a remote attacker who lures a user into performing specific UI gestures on a crafted HTML page potentially execute code or crash the browser via a use-after-free. Google rates the Chromium severity High; there is no public exploit identified at time of analysis and it is not listed in CISA KEV, though Chrome UAF bugs are historically attractive exploitation targets.
Use after free in Extensions in Google Chrome prior to 150.0.7871.115 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)
Renderer-process code execution in Google Chrome desktop before 150.0.7871.115 arises from a use-after-free in the IndexedDB implementation, letting a remote attacker run arbitrary code within the Chromium sandbox when a victim opens a crafted HTML page. Chromium rated the flaw Medium severity even though the CVSS base score is 8.8, reflecting that execution is confined to the sandboxed renderer rather than the host. A vendor patch is available and no public exploit has been identified at time of analysis.
Remote denial of service in OpENer 2.3.0 (commit 76b95cf), an open-source EtherNet/IP (CIP) communication stack, lets unauthenticated network attackers exhaust device resources through the network processing loop, rendering the affected industrial device unavailable. The flaw carries CVSS 7.5 (availability-only impact) and publicly available exploit code exists (referenced GitHub gist and issue #562), though it is not listed in CISA KEV and EPSS is low at 0.20% (10th percentile), indicating no observed widespread exploitation. Because OpENer typically runs on embedded ICS/IIoT endpoints, loss of availability can translate directly to loss of process visibility or control.
Remote denial of service in the JavaScript @libp2p/gossipsub module (all versions prior to 16.0.0) lets any connected peer stall a victim node by sending oversized IHAVE/IWANT control messages. Because defaultDecodeRpcLimits left maxIhaveMessageIDs and maxIwantMessageIDs set to Infinity, a single 4 MB RPC frame forces roughly 180,000 message IDs to be iterated synchronously, blocking the Node.js event loop and freezing the process. No public exploit identified at time of analysis; the flaw is remotely reachable without authentication against affected default configurations.
Denial of service in Wireshark 4.6.0-4.6.6 and 4.4.0-4.4.16 is caused by a heap-based buffer overflow in the Catapult DCT2000 protocol dissector, crashing the application when a crafted capture file is opened. The CVSS local attack vector (AV:L) and required user interaction (UI:R) constrain exploitation to scenarios where an analyst is socially engineered into opening a malicious capture file - no remote or unauthenticated network exploitation path exists. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV; vendor-released fixes are available in 4.6.7 and 4.4.17.
The pcapng file parser in Wireshark 4.6.0 through 4.6.6 contains a heap-based buffer overflow (CWE-122) that crashes the application, resulting in denial of service. An attacker must convince a user to open a specially crafted pcapng capture file, making this a social-engineering-dependent attack with no network-facing exploitation path. No public exploit code has been identified at time of analysis and the vulnerability is not listed in CISA KEV; a vendor patch is available in Wireshark 4.6.7.
The FMP/NOTIFY protocol dissector in Wireshark 4.6.0-4.6.6 and 4.4.0-4.4.16 crashes when processing malformed packet data, resulting in a denial of service against the application. Exploitation requires a victim to open a crafted packet capture file or analyze injected traffic, making this a social-engineering-dependent vector rather than a remotely triggerable flaw. A vendor-released patch is available in versions 4.6.7 and 4.4.17; no public exploit or CISA KEV listing has been identified at time of analysis.
Wireshark's SSH protocol dissector crashes via a null pointer dereference (CWE-476) in versions 4.4.0-4.4.16 and 4.6.0-4.6.6, enabling denial of service against any analyst or engineer running an affected build. The flaw is triggered locally when Wireshark processes malformed SSH protocol data, whether from a live capture or a crafted packet capture file, causing the application to crash and disrupting network analysis workflows. No active exploitation has been confirmed in CISA KEV, and no public exploit code is known at time of analysis.
Heap-based buffer overflow in Wireshark's Z39.50 protocol dissector crashes the application when processing malformed Z39.50 PDUs, resulting in denial of service. Affected versions span the 4.4.x branch (4.4.0-4.4.16) and 4.6.x branch (4.6.0-4.6.6). An attacker can trigger the crash by persuading an analyst to open a crafted packet capture file or by injecting malicious Z39.50 traffic onto a monitored network segment; no active exploitation (CISA KEV) or public exploit code has been identified at time of analysis.
Denial of service in Wireshark's UMTS FP protocol dissector affects the 4.6.0-4.6.6 and 4.4.0-4.4.16 release branches, where a malformed UMTS Frame Protocol packet triggers a heap-based buffer overflow (CWE-122) that crashes the application. A remote attacker who can get the crafted frame parsed - via live capture on a monitored segment or a shared capture file - can reliably terminate the analyzer, with no confidentiality or integrity impact. Publicly available exploit code exists (SSVC=poc) but it is not on CISA KEV, and EPSS is low at 0.14% (4th percentile), indicating minimal observed exploitation pressure.
Denial of service in Wireshark's DBS Etherwatch dissector affects release branches 4.6.0 through 4.6.6 and 4.4.0 through 4.4.16, where a malformed capture file or crafted packet can crash the application. The flaw is a stack-based buffer overflow (CWE-121) that manifests only as an availability impact - no confidentiality or integrity loss and no confirmed code execution - carrying a 7.5 (High) CVSS. No public exploit identified at time of analysis and the CVE is not listed in CISA KEV.
Stack-based buffer overflow in Wireshark's IEEE 802.11 (Wi-Fi) protocol dissector crashes the application, resulting in denial of service across versions 4.6.0-4.6.6 and 4.4.0-4.4.16. An attacker with the ability to deliver a malicious packet capture file, or inject crafted 802.11 frames into a live capture session, can crash the Wireshark process on a victim analyst's machine. No public exploit code has been identified at time of analysis and the vulnerability is not listed in the CISA KEV catalog; vendor-released patches (4.6.7 and 4.4.17) are available.
Denial of service in Wireshark 4.6.0 through 4.6.6 lets a remote attacker crash the application by feeding it a malformed TLS packet using the Encrypted Client Hello (ECH) extension, triggering a heap buffer overflow in the ECH decryptor. No authentication or user interaction beyond processing the traffic is required, though impact is limited to availability (analyzer crash) with no code execution or data disclosure claimed. Publicly available exploit code exists per SSVC (POC), EPSS is low at 0.14% (4th percentile), and it is not listed in CISA KEV.
Denial of service in Wireshark's ciscodump remote capture utility (extcap) affects versions 4.6.0 through 4.6.6 and 4.4.0 through 4.4.16, where a heap-based buffer overflow (CWE-122) can crash the capture tool. An attacker able to feed crafted data to a running ciscodump session can terminate the process, disrupting live packet capture. A POC is referenced by CISA's SSVC assessment (no public exploit code independently identified), it is not in CISA KEV, and EPSS is very low at 0.10% (1st percentile), indicating minimal likelihood of widespread exploitation.
Denial of service in Wireshark 4.6.0-4.6.6 and 4.4.0-4.4.16 lets a remote attacker crash or hang the application by feeding it crafted packets that trigger infinite loops in multiple protocol dissectors. No public exploit is identified at time of analysis, and the flaw is limited to availability - no code execution or data exposure. Real-world urgency is modest: EPSS sits at 0.12% and CISA SSVC rates exploitation as 'none' with only partial technical impact.
Memory corruption in the User-ID Terminal Server Agent (TSA) of Palo Alto Networks PAN-OS lets an unauthenticated network attacker crash the service (DoS) or potentially execute arbitrary code by sending crafted traffic to the TSA listener. Multiple out-of-bounds write bugs are involved; the vendor's CVSS 4.0 vector flags the exploit as unproven (E:U), and no public exploit has been identified at time of analysis. Panorama is explicitly not affected, and exposure hinges on whether the optional TSA component is deployed and reachable.
Path traversal in DSpace's Curation Task reporter parameter exposes authenticated Collection, Community, and Site Administrators to file write operations at arbitrary server-side paths writable by the DSpace/Tomcat OS user. Affected are DSpace versions through 7.6.6, 8.0-8.3, and 9.0-9.2, where the attack surface widened when web UI access was granted to admin roles beyond CLI-only system administrators. No public exploit or CISA KEV listing exists; the vendor-assigned CVSS 3.1 score of 5.5 (PR:H, A:H) correctly reflects that high-privilege credentials are required but the availability impact from overwriting configuration or binary files can be severe.
Authorization bypass in Zalando Skipper (<= v0.26.8) lets remote unauthenticated attackers defeat the opaAuthorizeRequestWithBody OPA filter by sending the request body with HTTP/1.1 Transfer-Encoding: chunked or HTTP/2 framing that omits content-length. Because net/http sets ContentLength = -1 for such requests, Skipper's body extractor buffers an empty body, so Rego policies that gate on input.parsed_body evaluate against an empty document, fail open, and forward the forbidden payload upstream. Publicly available exploit code exists (a full E2E Go PoC is embedded in the GHSA advisory); the flaw is not in CISA KEV and no EPSS score was provided.
ReDoS vulnerability in the guardrails-detectors component of Red Hat OpenShift AI enables adjacent-network attackers to submit specially crafted regular expressions to the public detection API, triggering catastrophic backtracking that pins a worker process at 100% CPU indefinitely. The availability impact extends beyond the component itself - the entire guardrails-mediated LLM pipeline is rendered non-functional. No public exploit identified at time of analysis, but exploitation requires no authentication and trivial effort from an adjacent network position.
Denial of service in the pypdf Python PDF library (all versions prior to 6.14.1) allows a remote attacker to hang a consuming application by supplying a malicious PDF. A page content stream containing an unterminated inline image drives the inline-image end-marker detection logic into an infinite loop, most notably triggered during page text extraction. No public exploit has been identified at time of analysis, but the CVSS 4.0 score of 8.7 reflects an unauthenticated, low-complexity availability attack, and a fixed release (6.14.1) is available.
Denial of service in pypdf before 6.14.2 lets a remote attacker hang any application that parses an attacker-supplied PDF: a page content stream carrying an unterminated inline image with an ASCII85 or ASCIIHex filter drives the parser into an infinite loop (CWE-835), most notably during page text extraction. The pure-Python library is very widely used in document-processing and data-ingestion pipelines, so a single malicious file can pin a CPU core and stall the worker. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the root cause is well-described and trivially reproducible.
{{ huge_array | pop }}` trigger an O(N) full clone of an attacker-influenced array that bypasses the engine's configured memoryLimit budget, enabling denial of service through memory exhaustion. The `pop` array filter in src/filters/array.ts clones its input via `[...toArray(v)]` without routing the allocation through `this.context.memoryLimit.use(...)`, so the safety guard applications rely on is silently defeated. There is no public exploit identified at time of analysis, EPSS/KEV data was not supplied, and the impact is limited to availability (no confidentiality or integrity loss).
Uncontrolled resource consumption in pypdf prior to 6.14.0 allows unauthenticated remote attackers to cause denial of service by submitting a crafted PDF containing repeated malformed cross-reference streams. The library's XRef table recovery routine performs unbounded work on such inputs, leading to excessive CPU time consumption and effectively hanging or severely degrading any application that processes attacker-supplied PDFs. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.
Memory exhaustion in HashiCorp memberlist before 0.6.0 allows network-accessible attackers to crash individual cluster nodes by sending crafted push/pull state synchronization messages to the gossip port, triggering unbounded memory allocation until the process terminates. The vulnerability is rooted in missing resource limits on incoming gossip state payloads (CWE-770). No public exploit code exists and CISA KEV listing is not confirmed; however, because memberlist underpins HashiCorp Consul, Nomad, and Vault cluster communication, a single exploitable node crash can disrupt distributed coordination in dependent systems.
Unbounded recursion in Mistune's Include directive (all versions prior to 3.3.0) can be triggered by a pair of mutually-referencing markdown files, bypassing the cycle detector that only checks for direct self-inclusion. An attacker who can supply markdown content processed by an application using the Include directive may crash the rendering request with a Python RecursionError, resulting in a denial of service. No public exploit has been identified at time of analysis and the vulnerability is not listed in CISA KEV; a confirmed fix is available in version 3.3.0.
Denial of service in Mistune (the lepture Python Markdown parser) before 3.3.0 lets remote unauthenticated attackers exhaust CPU by submitting a Markdown document packed with many repeated or distinct reference-link definitions, which triggers quadratic-time processing in the block parser and its ref_links dictionary handling. Any service that renders attacker-supplied Markdown through Mistune (wikis, comment systems, docs pipelines, notebook converters) can be stalled with a single crafted input. No public exploit is identified at time of analysis and it is not in CISA KEV, but the low-complexity, no-auth vector makes weaponization trivial.
Denial of service in Mistune, a widely used pure-Python Markdown parser, affects all versions prior to 3.3.0 where the default inline parser exhibits quadratic (O(n²)) behavior on long runs of well-formed double- or triple-asterisk emphasis pairs. Because the parser rescans forward for matching close markers from every candidate opening run, a small crafted Markdown payload forces disproportionate CPU consumption, exhausting resources on any service that renders untrusted Markdown. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the low attack complexity and unauthenticated network vector make availability impact realistic against default configurations.
Denial of service in Mistune, a Python Markdown parser, affects all versions prior to 3.3.0 when the strikethrough, mark, or insert plugins are enabled. Remote attackers can submit crafted Markdown containing runs of closed tilde (~), equals (=), or caret (^) marker pairs that trigger quadratic-time scanning in the formatting plugin, exhausting CPU and rendering the parsing service unresponsive. No public exploit identified at time of analysis, and the flaw is not in CISA KEV; impact is limited to availability with no data exposure.
Denial of service in the Immutable.js JavaScript library (versions before 4.3.9 and 5.1.8) allows attackers who can influence an index or size value to crash or hang a Node.js/browser process. Passing a value between 2^30 and 2^31 to List#set, setSize, setIn, updateIn (or the functional equivalents) drives setListBounds into an uncatchable infinite loop on empty Lists, unbounded memory allocation until process abort on populated Lists, or a silent integer wrap on setSize. No public exploit code has been identified at time of analysis, and the flaw is not on the CISA KEV list; impact is availability-only.
Denial of service in Engine.IO 6.5.0 through 6.6.6 (the transport layer beneath Socket.IO) lets remote unauthenticated attackers crash the server by supplying a crafted session ID like '__proto__' during a WebTransport upgrade. Because the session ID is looked up against the internal clients object without guarding inherited properties, the resolved value is a prototype function rather than a client, triggering a TypeError that terminates request handling. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the trigger is trivial to reproduce on any server that has WebTransport enabled.
Denial-of-service via infinite loop in protobuf.js (the pure-JavaScript Protocol Buffers implementation for Node.js/browsers) affects versions 8.0.0 through <8.6.6 and 7.5.0 through <7.6.5. When the parser reads an option declaration in a .proto schema it advances through tokens looking for '=' without checking for end-of-input, so a truncated schema (e.g. 'option foo') hangs parse(), Root.load, or Root.loadSync forever, pinning a CPU core and stalling the event loop. No public exploit is identified at time of analysis and it is not in CISA KEV; EPSS is low (0.33%, 25th percentile), matching the SSVC rating of exploitation 'none' but automatable.
Denial of service in node-tar prior to 7.5.18 allows remote attackers to hang a Node.js application by feeding it a crafted tar archive: a checksum-valid header carrying a negative base-256 encoded entry size makes the tar.replace scanner advance zero bytes and re-parse the same header forever. No public exploit or active exploitation is identified at time of analysis, but the CVSS 4.0 base score of 8.7 reflects the high, easily-reachable availability impact. Only applications that call tar.replace on untrusted archive input are affected.
Uncontrolled resource consumption in node-tar before 7.5.19 lets a small crafted gzip bomb exhaust disk space and CPU on any Node.js application that extracts or parses attacker-supplied tar archives. Because node-tar imposes no upper bound on total decompressed size, entry count, or compression ratio in its extract and parse paths, a tiny malicious file can inflate to consume all available storage and processing, causing denial of service. No public exploit has been identified, but the fix is a straightforward, well-documented behavior change published in the vendor advisory GHSA-23hp-3jrh-7fpw.
Denial of service in Wazuh wazuh-modulesd (all releases before 5.0.0-beta3) lets an enrolled agent crash the manager's inventory synchronization module by sending a verifier-valid FlatBuffer DataValue message that omits the optional id field, triggering a null pointer dereference (CWE-476). Exploitation requires only a valid enrolled agent (PR:L) over the network with no user interaction; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Impact is availability-only - no data confidentiality or integrity loss - but it can repeatedly take down central inventory sync, blinding a security monitoring deployment.
Heap buffer overflow in ImageMagick's FTXT encoder exposes systems to denial of service and potential information disclosure when processing attacker-crafted image files. All ImageMagick versions before 7.1.2-19 are affected due to missing boundary checks when parsing the ftxt:format parameter, allowing an out-of-bounds read (CWE-125) in the FTXT encoder component. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog, though a vendor patch is available at 7.1.2-19.
## Summary Remote code execution and denial of service in FreeRDP before 3.22.0 stem from a use-after-free in the dynamic virtual channel manager (drdynvc), where `dvcman_channel_close` and `dvcman_call_on_receive` access `channel_callback` without proper synchronization (CWE-362). A malicious or compromised RDP server can race DYNVC_DATA and DYNVC_CLOSE messages to free a channel callback while another thread still uses it, corrupting the client heap. This is a client-side flaw affecting anyone connecting to an attacker-controlled server; no public exploit identified at time of analysis, and it is not listed in CISA KEV. ## Technical Context FreeRDP is a widely used open-source implementation of the Microsoft Remote Desktop Protocol, embedded in clients such as Remmina, GNOME Connections, Weston, and numerous commercial and VDI products. The bug lives in the drdynvc (Dynamic Virtual Channel) subsystem, which multiplexes optional channels (clipboard, audio, device redirection, etc.) over the RDP connection and processes them on a dedicated client thread. Per CWE-362 (concurrent execution using shared resource with improper synchronization / race condition), `dvcman_channel_close` (handling DYNVC_CLOSE) can free the `channel_callback` structure while `dvcman_call_on_receive` (handling DYNVC_DATA) is concurrently dereferencing it, producing a heap use-after-free. Because the RDP server dictates the timing and ordering of DYNVC_DATA and DYNVC_CLOSE PDUs, a hostile server controls the race window. ## Risk Assessment The published CVSS 4.0 vector (AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H) yields 8.3 (High), driven mainly by high availability impact with lower confidentiality/integrity impact — consistent with a heap corruption that reliably crashes the client (DoS) but only potentially yields RCE. AC:H correctly reflects that success depends on winning a non-deterministic thread race, which is unreliable and may require many attempts. There is no EPSS score, no KEV listing, and no confirmed public POC in the provided data, so exploitation pressure is currently low-to-unknown; the RCE and Denial Of Service tags reflect potential impact, not observed attacks. One nuance to verify: the vector uses UI:N/PR:N, but this is a client-side vulnerability requiring the victim to connect to a malicious server — a real-world limiting factor that raw CVSS understates. Net: a legitimate patch priority for fleets whose users connect to untrusted or reachable RDP endpoints, but not an emergency mass-exploitation scenario given AC:H and no evidence of exploitation. ## Affected Products FreeRDP (the open-source RDP client/library and its FreeRDP-based clients) at all versions prior to 3.22.0 are affected; the flaw is fixed in FreeRDP 3.22.0. No CPE strings were provided in the input, so exact downstream package ranges (e.g., distribution builds of Remmina or the freerdp2/freerdp3 packages) should be confirmed against vendor trackers. Authoritative details are in the FreeRDP GitHub Security Advisory GHSA-3mv2-5q57-2v8h (https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-3mv2-5q57-2v8h) and the VulnCheck advisory (https://www.vulncheck.com/advisories/freerdp-use-after-free-via-race-condition-in-drdynvc-channel-callback). ## Remediation Vendor-released patch: FreeRDP 3.22.0 — upgrade all FreeRDP libraries and any FreeRDP-based clients (Remmina, GNOME Connections, xrdp clients, etc.) to 3.22.0 or later, rebuilding or updating downstream distribution packages that bundle the library. Until patched, reduce exposure by only connecting to trusted, known-good RDP servers and avoiding connections to untrusted or attacker-influenced hosts, since the malicious behavior originates server-side; where feasible, restrict outbound RDP (TCP 3389) from client machines to an allowlist of approved servers via egress firewall rules (trade-off: breaks ad-hoc connections to new servers). If specific dynamic virtual channels are not required, disabling optional channel redirections (clipboard, drive, audio) narrows the attack surface of drdynvc but does not fully eliminate the race and reduces functionality. Follow guidance in GHSA-3mv2-5q57-2v8h (https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-3mv2-5q57-2v8h) and the VulnCheck advisory (https://www.vulncheck.com/advisories/freerdp-use-after-free-via-race-condition-in-drdynvc-channel-callback). ## Exploit Scenario An attacker stands up or compromises an RDP server and lures a victim into connecting with a vulnerable FreeRDP client (e.g., via a malicious .rdp file, phishing link, or a man-in-the-middle position). Once connected, the server rapidly interleaves DYNVC_DATA and DYNVC_CLOSE messages on a dynamic virtual channel to win the race and trigger the heap use-after-free in the client's drdynvc thread, crashing the client or, with careful heap grooming, potentially executing code in the client process. No public POC is identified at this time, and the AC:H race condition makes reliable code execution difficult. ## Exploitation Conditions Exploitation requires the victim to establish an RDP session to an attacker-controlled or compromised server running against a FreeRDP client before 3.22.0, and the connection must use the drdynvc dynamic virtual channel path. The attacker must then concurrently send DYNVC_DATA and DYNVC_CLOSE messages on a dynamic virtual channel to win a timing race in `channel_callback` access. Limiting factors: the attacker must control the RDP server side (this is a client-side vulnerability, so it cannot be triggered against an unwilling client that never connects), the exploit depends on winning a non-deterministic thread race (CVSS AC:H) so it is unreliable and may require repeated attempts, and reliable code execution beyond a crash requires heap-layout control. No authentication to the malicious server is needed, but the user must initiate the outbound connection. ## Attack Chain Lure victim to malicious RDP server → Client opens dynamic virtual channel (drdynvc) → Server races DYNVC_DATA and DYNVC_CLOSE → Trigger heap use-after-free on channel_callback → Crash client or execute code in client process ## Confidence Notes Affected/fixed version (before 3.22.0; fixed in 3.22.0), root cause, and functions are confirmed by the FreeRDP GitHub Security Advisory GHSA-3mv2-5q57-2v8h and the VulnCheck advisory. CVSS 4.0 vector, 8.3 score, and CWE-362 are provided in the input; RCE is described as potential, not demonstrated. Not listed in CISA KEV and no EPSS score or public POC was provided, so real-world exploitation status is unknown; downstream package version ranges are not confirmed due to absent CPE data. ## Prevalence high ## Prevalence Basis core open-source RDP library embedded in many Linux remote-desktop clients ## Assessed CVSS Vector CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H ## Assessed CVSS Rationale Client-side flaw needing the victim to connect to a malicious server (UI:R) and to win a thread race (AC:H); heap corruption gives high availability impact with limited C/I. ## Assessed CVSS 4.0 Vector CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
Cross-tenant bundle deletion in Capgo (Capacitor live/OTA update platform) before 12.128.2 lets holders of an upload-scoped API key rewrite the mutable app_versions.r2_path column through the PostgREST data API, retargeting it at another tenant's Cloudflare R2 objects. By pointing a soft-deleted attacker version at a victim bundle and firing the on_version_update cleanup trigger, an attacker deletes the victim's R2 object, breaking that app's over-the-air update delivery. No public exploit is identified at time of analysis, but the mechanism is fully described and CVSS 4.0 rates availability impact as High (8.7).
Denial of service in Dell PowerProtect Data Domain (DDOS versions 7.7.1.0 through 8.7, plus LTS2026 8.6.1.0-8.6.1.10, LTS2025 8.3.1.0-8.3.1.30, and LTS2024 7.13.1.0-7.13.1.70) allows a remote, unauthenticated attacker to crash or hang the appliance by triggering an integer overflow (CWE-190). Per the CVSS vector (PR:N/UI:N), no authentication or user interaction is required, and the impact is confined to availability (C:N/I:N/A:H) - no data disclosure or code execution. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV; EPSS was not provided.
Denial of service in Tanium Server allows remote unauthenticated attackers to exhaust availability of the platform, per vendor advisory TAN-2026-016. The flaw is network-reachable with low complexity and no privileges or user interaction (CVSS 7.5, availability-only impact), and the CWE-789 classification indicates an uncontrolled/excessive memory allocation can be triggered remotely. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Use-after-free memory corruption in Foxit PDF Reader and Foxit PDF Editor (versions 2026.1.1/14.0.4 and earlier) allows a crafted PDF containing embedded JavaScript to free page objects and trigger a dangling write to pop-up annotation objects. An attacker who convinces a user to open a malicious document can crash the application and potentially achieve arbitrary code execution in the user's context. No public exploit identified at time of analysis; the flaw was reported privately by Foxit.
Denial-of-service (and potential memory-corruption) in Foxit PDF Editor (≤14.0.4 / ≤13.2.4 / ≤2026.1.1) and Foxit PDF Reader (≤2026.1.1) arises when a crafted PDF's embedded JavaScript rewrites the document to alter the page structure, freeing the underlying page objects while the thumbnail renderer continues to reference them - a classic use-after-free (CWE-416). A victim who merely opens the file triggers the dangling reference, causing an application crash and, given the CVSS confidentiality/integrity impact, a plausible path to code execution. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Denial-of-service in Foxit PDF Reader and Foxit PDF Editor (versions 2026.1.1 and earlier) occurs when a victim opens a crafted PDF whose embedded JavaScript deletes the current page, after which subsequent scripts dereference now-freed document-view properties and crash the application. This is a CWE-416 use-after-free reported by Foxit; no public exploit identified at time of analysis, and it is not listed in CISA KEV. The documented impact is an application crash, though the underlying memory-corruption class warrants caution about potential escalation.
Use-after-free memory corruption in Foxit PDF Reader and Foxit PDF Editor lets a crafted PDF containing JavaScript trigger stale field-pointer dereferences after the script deletes form fields, corrupting memory and crashing the application. The flaw affects Foxit PDF Editor 14.0.4 and earlier and Foxit PDF Reader 2026.1.1 and earlier and requires the victim to open a malicious file. There is no public exploit identified at time of analysis, and the issue is not listed in CISA KEV; Foxit's own CVSS of 7.8 (C:H/I:H/A:H) implies potential code execution beyond the crash described.
Memory corruption in Foxit PDF Reader and Foxit PDF Editor (versions 2026.1.1, 13.2.4, 14.0.4 and earlier) allows attackers to crash the application and potentially corrupt memory when a victim opens a malicious PDF whose embedded JavaScript walks a deliberately damaged form-field tree. The bug is a use-after-free (CWE-416): field traversal leaves the program holding a freed/invalid form object, and dereferencing that invalid pointer causes the crash. No public exploit identified at time of analysis; disclosure originates from Foxit's own security bulletin.
Memory corruption in Foxit PDF Reader and Foxit PDF Editor allows a crafted PDF to trigger a use-after-free through the embedded JavaScript engine, where a form field object is deleted and then re-accessed, crashing the application. The flaw affects PDF Editor through 13.2.4, 14.0.4, and 2026.1.1, and PDF Reader through 2026.1.1, and was reported by Foxit. No public exploit has been identified at time of analysis, though CVSS scores the impact as high across confidentiality, integrity, and availability, implying potential exploitation beyond a simple crash.
Use-after-free memory corruption in Foxit PDF Reader (2026.1.1 and earlier) and Foxit PDF Editor (through 14.0.4, 13.2.4, and 2026.1.1) allows a remote attacker to execute arbitrary code or crash the application when a victim opens a maliciously crafted PDF. The flaw stems from JavaScript-driven form modifications that leave page-related objects with incomplete lifecycle management, so the application dereferences freed/invalid objects on page-state changes. No public exploit identified at time of analysis, and it is not listed in CISA KEV; while the description emphasizes a crash, the CVSS vector rates full confidentiality, integrity, and availability impact, consistent with exploitable memory corruption.
Memory corruption in Foxit PDF Reader (≤2026.1.1) and Foxit PDF Editor (≤14.0.4, ≤13.2.4, and ≤2026.1.1) allows an attacker to trigger a use-after-free when a victim opens a maliciously crafted PDF whose hyperlink annotation objects use abnormal relationships and field combinations. The flaw manifests as an invalid pointer write during object destruction; while the vendor description only confirms an application crash, the vendor-assigned CVSS (C:H/I:H/A:H) and CWE-416 classification indicate potential for arbitrary code execution. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Memory-corruption crash (and potential code execution) in Foxit PDF Reader and Foxit PDF Editor occurs when a PDF's embedded JavaScript writes annotation attributes without sufficient object-type and argument validation, corrupting the internal annotation structure so the application faults during subsequent object release (CWE-763). Local exploitation requires a user to open a crafted PDF; there is no public exploit identified at time of analysis and the flaw is not in CISA KEV. The vendor rates full confidentiality, integrity, and availability impact (CVSS 7.8), though Foxit tags it as Denial of Service.
Use-after-free memory corruption in Foxit PDF Editor and Foxit PDF Reader allows a crafted PDF to crash the application when its embedded JavaScript resets annotation status and then triggers a reset-form additional action, causing the parser to re-enter and dereference freed objects. Local victims who open a malicious document are affected; the CVSS 3.1 base score is 7.8. No public exploit was identified at time of analysis, and the issue is not listed in CISA KEV.
Denial of service in Foxit PDF Editor and Foxit PDF Reader arises when the application renders a PDF containing cloud-style annotation/border appearances, because the code that builds that geometry omits an upper-bound limit and consistency checks. A local attacker who convinces a user to open a malicious PDF can trigger an out-of-bounds array access that crashes the application; no public exploit has been identified at time of analysis and the flaw is not listed in CISA KEV. Although the NVD vector claims high confidentiality and integrity impact, the vendor description and tags describe only a crash.
Use-after-free memory corruption in Foxit PDF Reader and Foxit PDF Editor allows a crafted PDF to crash the application when its embedded JavaScript deletes pages and removes attachment annotations while the attachment panel still references freed pointers. A victim must open the malicious document (UI:R), and no public exploit has been identified at time of analysis. Although the reported behavior is an application crash, Foxit's own CVSS scoring rates confidentiality, integrity, and availability all High, implying potential for code execution beyond denial of service.
Type-confusion memory corruption in Foxit PDF Reader and Foxit PDF Editor allows a crafted PDF containing an abnormal annotation object - one referenced by other objects - to bypass proper type checking during parsing, corrupting memory and crashing the application. Exploitation requires a user to open the malicious file locally (UI:R); there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV, so the current confirmed impact is denial of service, though the CWE-843 class leaves open potential for code execution.
Use-after-free memory corruption in Foxit PDF Editor (≤14.0.4, ≤13.2.4, ≤2026.1.1) and Foxit PDF Reader (≤2026.1.1) allows an attacker to corrupt object state and read an illegal memory address when a victim opens a crafted PDF that manipulates form-field properties via embedded JavaScript. The immediate observed impact is an application crash (denial of service), but the CWE-416 root cause and the vendor's CVSS confidentiality/integrity ratings indicate potential for arbitrary code execution in the context of the user. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.
Use-after-free memory corruption in Foxit PDF Editor (≤14.0.4) and Foxit PDF Reader (≤2026.1.1) allows a crafted PDF containing malicious form-reset JavaScript to trigger a stale control-pointer dereference, crashing the application and potentially enabling arbitrary code execution in the victim's context. Exploitation requires the user to open a booby-trapped document; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Foxit, the reporting vendor, has issued a security bulletin covering the affected versions.
Use-after-free during PDF field processing in Foxit PDF Editor and Foxit PDF Reader allows a crafted document to delete the current page and then reuse now-dangling field objects, causing an illegal memory read and application crash. Affects Foxit PDF Editor through 14.0.4 / 2026.1.1 and Foxit PDF Reader through 2026.1.1; exploitation requires a user to open a malicious PDF. No public exploit identified at time of analysis and the flaw is not in CISA KEV; vendor (Foxit) reported it and tags it primarily as denial of service / memory corruption.
Use-after-free memory corruption in Foxit PDF Editor and Foxit PDF Reader is triggered when JavaScript embedded in a malicious PDF resets form fields and re-enters the interface, causing the application to invoke a method on a freed native object. An attacker who convinces a user to open a crafted PDF can crash the application, and because the flaw is a use-after-free (CWE-416), it carries potential for memory-corruption abuse beyond denial of service. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Memory corruption in Foxit PDF Reader and Foxit PDF Editor allows a crafted PDF containing embedded JavaScript to trigger a use-after-free (CWE-416) when the script manipulates a list box field and the form is subsequently reset. A victim who merely opens the malicious document can have the application dereference a dangling pointer to freed form-field memory; Foxit itself reported the flaw and CVSS rates it 7.8. No public exploit or CISA KEV listing exists, so this is no public exploit identified at time of analysis, though use-after-free in a scriptable PDF engine is a classic path toward code execution.
Use-after-free in the GLX dispatch layer of X.Org X Server and Xwayland allows an authenticated X client to corrupt heap memory by triggering a contextTags array reallocation while a stale pointer is still held. The attacker crafts a deterministic sequence of exactly 34 GLX requests - 17 CreateContext and 17 MakeCurrent calls - to force the realloc, after which GlxFreeContextTag writes zeros into freed memory at five fixed offsets. No CVSS vector or KEV listing is present; the vulnerability was discovered by an anonymous researcher through Trend Micro Zero Day Initiative (ZDI-CAN-30561), indicating active vulnerability research interest though no public exploit has been confirmed.
OpenSSH sshd before version 10.4 fails to consistently enforce its built-in minimum authentication delay, undermining the rate-limiting defense designed to slow credential-guessing attacks against SSH services. All OpenSSH releases prior to 10.4 are affected across all platforms, enabling unauthenticated remote attackers to submit authentication attempts at a rate higher than the daemon intends to permit. No public exploit code has been identified and the vulnerability is absent from CISA KEV; however, the trivial attack complexity combined with OpenSSH's near-universal deployment footprint makes prompt patching appropriate.
Denial of service in OpenSSH sshd before 10.4 lets remote unauthenticated attackers exhaust server resources by driving excessive authentication attempts, because the MaxAuthTries cap was not correctly enforced for the GSSAPIAuthentication path. Only deployments that have enabled GSSAPI-based authentication are exposed, and there is no public exploit identified at time of analysis. EPSS is low (0.34%, 26th percentile) and CISA SSVC records no observed exploitation, so this is a real but non-urgent availability issue rather than a code-execution threat.
NULL pointer dereference in SQLite's Session Extension crashes any application that passes attacker-controlled changeset blobs to sqlite3changeset_apply_v3(). Affected releases include SQLite 3.53.1 and all trunk builds prior to check-in e807d4e3798efd53. Impact is limited to availability - the process crashes - but because SQLite is embedded ubiquitously, the blast radius depends entirely on how widely consuming applications expose this code path to untrusted input. A public proof-of-concept gist is referenced in the CVE record; no public exploit identified at time of analysis beyond that demonstrator, and the vulnerability is not listed in CISA KEV.
SMTP command injection in aiosmtplib (all versions through 5.1.0) enables any attacker who can influence email addresses passed to SMTP.mail(), SMTP.rcpt(), SMTP.vrfy(), SMTP.expn(), or the higher-level SMTP.sendmail() to inject arbitrary SMTP protocol commands by embedding CR/LF bytes in the address string. Applications that accept sender or recipient addresses from untrusted input - web forms, APIs - and forward them to these methods without CR/LF sanitization are at risk of session desynchronization, client-side denial of service via SMTP client hang, or delivery of attacker-crafted email through the victim application's SMTP connection. No vendor-released patch version is confirmed from available data at time of analysis, and no public exploit has been identified.
Unbounded recursive descent in the RaTeX Rust crate ratex-parser crashes the entire host process when fed deeply nested LaTeX input. The mutual recursion across parse_expression, parse_atom, and parse_group in crates/ratex-parser/src/parser.rs carries no depth guard, so roughly 200,000 nested braces (~400 KB of input, or far less on async worker threads with 512 KB stacks) exhausts the native OS stack and triggers a fatal SIGABRT from which the process cannot recover. In any server-side math rendering deployment that accepts untrusted LaTeX, this constitutes a reliable unauthenticated denial-of-service; publicly available exploit code confirms trivial reproduction with a Python one-liner.
Denial of service in RaTeX, a Rust LaTeX-rendering library (crate ratex-parser), lets remote attackers crash any service that parses untrusted LaTeX by submitting a 9-byte `\verb` command whose delimiter is a multibyte UTF-8 character (e.g. `\verbéxé`). The parser slices the verbatim argument using byte indices rather than character boundaries, so index 1 lands inside the `é` character and Rust panics; because the release profile sets `panic = "abort"`, the panic terminates the entire process, not just one request. Publicly available exploit code exists (a one-line PoC in the GHSA advisory); no active exploitation is reported.
Regular-expression denial of service in the String::Util Perl module (versions before 1.36) lets remote unauthenticated attackers exhaust CPU by supplying a string with a long run of whitespace to the trim or rtrim functions. The vulnerable `s/\s*$//u` pattern backtracks quadratically over whitespace runs, so any application feeding untrusted input through these helpers is exposed. No public exploit code has been identified; EPSS is low (0.19%, 9th percentile) and the flaw is not on CISA KEV, indicating no observed active exploitation.
Integer underflow in the OpenWrt Emergency Access Daemon crashes the daemon when any unauthenticated attacker on the local network sends a single crafted UDP packet to it. Affected are all OpenWrt versions prior to v25.12.5. The CVSS adjacent-network vector (AV:A) constrains the attack surface to local or adjacent network segments, but within that context exploitation requires no credentials and no user interaction - a single malformed packet suffices. No public exploit code or CISA KEV listing has been identified at time of analysis; the patch is confirmed available in v25.12.5.
Phoenix Framework's Presence JavaScript client allows any user with ordinary channel access to permanently break presence synchronization for all other viewers of an affected channel topic. By joining a channel using a key name that collides with an Object.prototype property (such as '__proto__', 'constructor', or 'toString'), an attacker causes an uncaught TypeError inside Presence.syncState and Presence.syncDiff that halts all further presence updates for every connected viewer until the attacker disconnects. This is not in CISA KEV, no public exploit has been identified, and the CVSS 4.0 score of 6.3 reflects the limited but persistent client-side availability impact with no server-side exposure.
Denial of service in the Phoenix Framework (Elixir) affects any endpoint mounting a Phoenix.Socket with a reachable WebSocket or LongPoll channel transport, in versions from 0.11.0 up to the fixed 1.5.15, 1.6.17, 1.7.24, and 1.8.9. Because transports place no cap on channels joined per connection, one unauthenticated client can stream unlimited phx_join messages down a single connection to spawn hundreds of thousands of channel processes and exhaust the BEAM process table, taking the whole node offline. Rated CVSS 4.0 8.7 (availability-only impact); no public exploit identified at time of analysis, though the mechanics are described in detail in the vendor advisory.
Heap-buffer-overflow in 389 Directory Server's DN normalization routine allows an unauthenticated remote attacker to corrupt heap memory and likely crash the LDAP service. The flaw triggers when the server processes an LDAP operation - such as a search request - whose base DN contains a legacy-quoted value encoding a multivalued nested Relative Distinguished Name (RDN), causing an out-of-bounds write during RDN attribute-value pair sorting. Per the confirmed CVSS vector (PR:N), no authentication is required; no public exploit code or CISA KEV listing has been identified at time of analysis.
Null pointer dereference in the ONNX Python library's version converter crashes any application that calls `onnx.version_converter.convert_version()` on a crafted model containing an Upsample node with zero inputs, producing an unrecoverable SIGSEGV. Affected versions include at minimum onnx 1.21.0 and 1.22.0, confirmed by a 107-byte public proof-of-concept; the vulnerability is part of a systemic pattern spanning eight adapters. No public active exploitation is confirmed in CISA KEV, but the trivially small PoC eliminates any meaningful exploitation barrier for threat actors targeting ML model conversion pipelines.
Kernel denial-of-service in Zephyr RTOS v4.4.0's Dhara flash translation layer driver crashes the system during FTL disk initialization when a flash error coincides with the journal-resume checkpoint scan. The driver's dhara_nand_read/erase/prog/copy callbacks unconditionally dereference the caller-supplied err pointer, but the upstream Dhara library legitimately passes NULL during its binary search in find_last_checkblock(), triggering a NULL write and kernel fault. No public exploit code has been identified and this CVE is absent from the CISA KEV catalog; exploitation is gated on specific flash media conditions (uncorrectable ECC, bad block, or induced fault) occurring on a checkpoint page at mount time, constraining real-world risk to physical or supply-chain threat models.
Denial of service in Red Hat / 389 Directory Server (389-ds-base, versions since ~1.3.2/2013) allows an authenticated LDAP client to crash the server by sending an oversized UNBIND packet over a SASL integrity-protected connection. The oversized data overflows a fixed 512-byte heap receive buffer in sasl_io_recv() (sasl_io.c), and in FreeIPA / Red Hat IdM any domain user, enrolled host, or service account with a valid Kerberos ticket can trigger it after GSSAPI authentication. There is no public exploit identified at time of analysis, and this flaw is distinct from the earlier CVE-2025-14905 schema.c overflow, which did not fix this code path.
Heap memory corruption in GIMP's PSD (Photoshop) file parser allows a malicious .psd image to overflow an integer in read_RLE_channel(), producing an undersized heap allocation for the RLE row-length table that is then overwritten row-by-row, potentially yielding denial of service or arbitrary code execution. The flaw affects GIMP as shipped across Red Hat Enterprise Linux 6 through 9 and is triggered when a victim opens or imports a crafted PSD file. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.
Uncaught Exception in the Gallagher Controller 6000 and Controller 7000 diagnostic web interface allows an authenticated and authorized operator to force a controller restart by sending specific crafted requests, causing a temporary denial of service. Affected versions span Gallagher Command Centre 9.20 through 9.50 (pre-patch) and all versions of 9.10 and earlier. No public exploit code exists and no active exploitation has been identified; the high privilege requirement substantially limits real-world attack surface to insider or compromised-operator scenarios.
Gallagher Command Centre's T20 Readers component crashes and restarts when an authenticated, high-privilege operator sends specific crafted requests, causing a temporary denial of service. Exploitation requires existing operator-level credentials and authorization - this cannot be triggered by unauthenticated or low-privilege users. The vulnerability carries a CVSS 2.7 (Low) score with no public exploit code and no CISA KEV listing, indicating minimal real-world threat beyond insider misuse or compromised operator accounts.
NULL pointer dereference in GPAC's smooth_parse_stream_index() function crashes the application when processing a maliciously crafted MPEG-DASH or Smooth Streaming media file, resulting in denial of service. Affected versions are all GPAC master HEAD builds prior to commit b35c61f104b85fbb16520ac2838d5d2ef70845b5. Exploitation requires local access and user interaction to open a crafted file; a proof-of-concept is publicly available via GitHub Gist, though EPSS sits at 0.17% (7th percentile) and no active exploitation has been confirmed by CISA KEV.
Memory exhaustion in Coder's AI Bridge feature allows an authenticated member-level user to crash the entire control plane by sending arbitrarily large HTTP request bodies to provider endpoints such as `/api/v2/aibridge/anthropic/v1/messages`. Because AI Bridge runs in-process with `coderd`, a single crafted request can grow heap memory until the OS terminates the process, taking down the API server, workspace coordinator, and DERP relay simultaneously. No public exploit has been identified at time of analysis, but the vendor credits Anthropic's Security Team (ANT-2026-22443) with independent discovery, indicating external security research attention. Patched versions are available for the affected v2.33 and v2.34 release lines.
Authorization bypass in the Coder devcontainer recreate endpoint allows any authenticated user holding only read-level workspace access - such as Template Admin or Org Template Admin roles - to trigger a destructive container rebuild that destroys uncommitted in-container state. Unlike the sibling delete endpoint, which correctly enforces an ActionUpdate check, the recreate endpoint relied solely on route middleware verifying ActionRead, leaving the destructive operation unguarded against lower-privileged principals. No public exploit has been identified at time of analysis; vendor-confirmed patches are available across all supported release lines.
Denial of service in Coder's coderd server allows any authenticated user with file-upload access to exhaust server memory by uploading a crafted zip bomb via POST /api/v2/files, crashing the service before RBAC checks execute. Affected versions span all supported release lines prior to v2.34.2, v2.33.8, v2.32.7, and v2.29.17 (ESR). No public exploit has been identified at time of analysis; the impact is strictly an availability loss - the advisory explicitly confirms no data disclosure or code execution is possible, contradicting the 'RCE' tag present in the intelligence feed.
Uncontrolled memory allocation in Coder's provisioner daemon allows an authenticated user to crash the entire coderd deployment with a single ~50-byte network message. The vulnerability exists in the NewDataBuilder function within provisionersdk/proto/dataupload.go, which blindly allocates a byte slice using a client-supplied FileSize field from a DataUpload DRPC message, with no upper-bound validation. By declaring a massive FileSize value such as 1 TiB, an attacker with provisioner daemon credentials can trigger a Go runtime out-of-memory abort, terminating coderd and denying service to all users of the deployment. No public exploit code has been identified and this vulnerability is not listed in CISA KEV at time of analysis.
Arbitrary file write as root via symlink attack in Linuxfabrik Monitoring Plugins affects any deployment using the provided sudoers configuration. The monitoring plugins create SQLite databases at predictable, static paths under /tmp; an attacker who has already gained access to the nagios service account can pre-place symlinks at those paths, and when a monitoring script is subsequently invoked via sudo, it follows the symlink and writes a SQLite database to any attacker-chosen path on the filesystem. A proof-of-concept is included in the GitHub Security Advisory GHSA-r35r-fpx2-jgr4, and no CISA KEV listing or CVSS score has been assigned at time of analysis.
Denial of service in vLLM 0.12.0 through 0.23.x lets any authorized API caller crash the entire inference server by submitting a pure prompt-embeddings payload to the /v1/completions endpoint when a model using M-RoPE (multimodal rotary position embedding) is loaded. The malformed request trips a reachable assertion in the EngineCore process, which terminates the whole server rather than rejecting the single request. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; the flaw is fixed in vLLM 0.24.0.
Denial of service in vLLM inference servers prior to 0.24.0 allows remote unauthenticated attackers to hang an inference worker indefinitely by submitting a single request with an adversarial regular expression via the structured_outputs.regex API parameter. The pattern is passed to grammar compiler backends (xgrammar with no guard, outlines with structural-but-not-complexity validation) where nested quantifiers trigger exponential state-space expansion (ReDoS). No public exploit identified at time of analysis, though the trivial request-based trigger makes weaponization straightforward.
Denial of service in the vLLM LLM inference server (all versions prior to 0.24.0) allows a remote client to crash the shared engine worker by sending a specific multi-request speculative decoding workload. The rejection sampler produces a recovered token equal to the vocabulary-size boundary, which is coerced to -1, written back into the drafter's input ids, and later dereferenced by the embedding/attention path, triggering a GPU device-side assertion that kills the worker. There is no public exploit identified at time of analysis and this CVE is not in CISA KEV; per CVSS the impact is availability-only (C:N/I:N/A:H) with a low EPSS profile expected for a crash-only bug.
Null Pointer Dereference in Adobe DNG SDK versions 1.7.1 build 2536 and earlier allows an attacker to crash any application embedding the SDK by supplying a specially crafted DNG file. The flaw is strictly a denial-of-service with no confidentiality or integrity impact, and requires a victim to open the malicious file, constraining realistic exposure to imaging pipelines or end-user applications that ingest untrusted DNG content. No public exploit code and no active exploitation have been identified at time of analysis.
Memory exhaustion in vLLM 0.22.0-0.23.0 allows authenticated API callers to crash or destabilize the inference server by uploading arbitrarily large audio files. The `/v1/audio/transcriptions` and `/v1/audio/translations` endpoints invoke `request.file.read()` to fully buffer multipart uploads into process memory before the `VLLM_MAX_AUDIO_CLIP_FILESIZE_MB` size guard is evaluated, meaning the size limit is checked only after the damage is done. No public exploit is identified at time of analysis; vendor-confirmed fix is available in version 0.24.0.