Skip to main content

Libmicrohttpd

6 CVEs product

Monthly

CVE-2025-62689 HIGH PATCH This Month

NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Heap Overflow Libmicrohttpd Red Hat +1
NVD
CVSS 4.0
8.7
EPSS
0.1%
CVE-2025-59777 HIGH PATCH This Month

NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Null Pointer Dereference Libmicrohttpd Red Hat Suse
NVD
CVSS 4.0
8.7
EPSS
0.1%
CVE-2023-27371 MEDIUM POC PATCH This Month

GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Buffer Overflow Information Disclosure Denial Of Service Libmicrohttpd
NVD GitHub
CVSS 3.1
5.9
EPSS
1.2%
CVE-2021-3466 CRITICAL PATCH Act Now

A flaw was found in libmicrohttpd. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Libmicrohttpd Enterprise Linux Fedora
NVD
CVSS 3.1
9.8
EPSS
8.7%
CVE-2013-7039 MEDIUM This Month

Stack-based buffer overflow in the MHD_digest_auth_check function in libmicrohttpd before 0.9.32, when MHD_OPTION_CONNECTION_MEMORY_LIMIT is set to a large value, allows remote attackers to cause a. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service RCE Libmicrohttpd
NVD
CVSS 2.0
5.1
EPSS
2.4%
CVE-2013-7038 MEDIUM This Month

The MHD_http_unescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service (crash) via unspecified vectors that trigger an. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Libmicrohttpd
NVD
CVSS 2.0
6.4
EPSS
0.9%
EPSS 0% CVSS 8.7
HIGH PATCH This Month

NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Heap Overflow +3
NVD
EPSS 0% CVSS 8.7
HIGH PATCH This Month

NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Null Pointer Dereference Libmicrohttpd +2
NVD
EPSS 1% CVSS 5.9
MEDIUM POC PATCH This Month

GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Buffer Overflow Information Disclosure Denial Of Service +1
NVD GitHub
EPSS 9% CVSS 9.8
CRITICAL PATCH Act Now

A flaw was found in libmicrohttpd. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Libmicrohttpd Enterprise Linux +1
NVD
EPSS 2% CVSS 5.1
MEDIUM This Month

Stack-based buffer overflow in the MHD_digest_auth_check function in libmicrohttpd before 0.9.32, when MHD_OPTION_CONNECTION_MEMORY_LIMIT is set to a large value, allows remote attackers to cause a. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service RCE +1
NVD
EPSS 1% CVSS 6.4
MEDIUM This Month

The MHD_http_unescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service (crash) via unspecified vectors that trigger an. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Libmicrohttpd
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy