Skip to main content

Memory Corruption

15288 CVEs technique

Monthly

CVE-2025-43202 HIGH PATCH This Week

Memory corruption vulnerability in Apple iOS, iPadOS, and macOS allows local attackers to achieve denial of service or potentially arbitrary code execution through malicious file processing. The vulnerability affects iOS and iPadOS versions below 18.6 and macOS Sequoia below 15.6, and has been patched in iOS 18.6, iPadOS 18.6, and macOS Sequoia 15.6. No public exploit identified at time of analysis, and CVSS severity is not numerically specified by Apple, though the buffer overflow classification and file processing attack vector indicate moderate to high real-world risk for users who encounter malicious content.

Apple Buffer Overflow Memory Corruption
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-43219 HIGH PATCH This Week

Memory corruption in macOS Sequoia image processing allows remote attackers to achieve arbitrary code execution via maliciously crafted images requiring user interaction. Affects macOS Sequoia versions prior to 15.6, with CVSS 8.8 (High) severity due to potential for complete system compromise. EPSS data unavailable; no public exploit identified at time of analysis. Apple addressed the vulnerability through improved memory handling in macOS 15.6 (released June 2025). Attack requires victim to process a weaponized image file, making social engineering or malicious websites likely delivery vectors.

Apple Memory Corruption Buffer Overflow
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-5360 LOW Monitor

Type confusion in Free5GC 4.2.0's aper component allows remote attackers to trigger memory corruption and information disclosure with high attack complexity and without authentication. The vulnerability stems from improper type handling in ASN.1 parsing and has publicly available exploit code, though active exploitation at scale has not been confirmed. CVSS 6.3 with availability impact and exploit proof-of-concept disclosure warrant timely patching.

Information Disclosure Memory Corruption Free5gc
NVD GitHub VulDB
CVSS 4.0
2.9
EPSS
0.0%
CVE-2026-23415 HIGH PATCH This Week

Use-after-free vulnerability in Linux kernel futex handling allows local attackers to read freed memory via race condition between futex_key_to_node_opt() and vma_replace_policy(). When mbind() concurrently replaces virtual memory area policies, __futex_key_to_node() may dereference a freed mempolicy structure, enabling information disclosure of kernel memory. The vulnerability requires local access and precise timing but poses memory safety risk in multi-threaded applications using futex operations alongside memory policy changes.

Linux Use After Free Information Disclosure Memory Corruption Red Hat
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23413 HIGH PATCH This Week

Use-after-free in Linux kernel clsact qdisc initialization and destruction rollback allows local denial of service or potential information disclosure when qdisc replacement fails midway during tcf_block_get_ext() operations. The vulnerability stems from asymmetric initialization and cleanup paths where egress_entry references from a previous clsact instance remain valid during failure scenarios, leading to double-free or use-after-free conditions. Affected Linux kernel versions across all distributions that include the clsact traffic control qdisc require patching.

Linux Use After Free Information Disclosure Memory Corruption Red Hat
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23412 HIGH PATCH This Week

Use-after-free in Linux kernel netfilter BPF hook memory management allows local attackers to read sensitive kernel memory via concurrent nfnetlink_hooks dumping operations. The vulnerability arises from premature memory release in hook structures before RCU readers complete their access, enabling information disclosure through netlink interface. No active exploitation confirmed, but the KASAN report demonstrates reliable reproducer availability.

Linux Use After Free Information Disclosure Memory Corruption Red Hat
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-5318 LOW POC PATCH Monitor

Out-of-bounds write in LibRaw's JPEG DHT parser (HuffTable::initval function) allows unauthenticated remote attackers to trigger a denial of service via malformed JPEG image files. LibRaw versions up to 0.22.0 are affected; publicly available exploit code exists. CVSS 4.3 (low severity) reflects denial-of-service impact only, with low attack complexity and no authentication required. Vendor-released patch available in version 0.22.1.

Buffer Overflow Memory Corruption Libraw
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-5317 LOW POC PATCH Monitor

Out-of-bounds write in Nothings stb library up to version 1.22 allows remote attackers to corrupt memory and potentially execute code by crafting malicious Vorbis audio files that trigger improper bounds checking in the start_decoder function. Publicly available exploit code exists for this vulnerability, which affects all applications statically linking vulnerable stb_vorbis.c code. The vendor has not responded to disclosure attempts, leaving deployed instances without an official patch.

Buffer Overflow Memory Corruption Stb
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-20097 MEDIUM This Month

Cisco IMC web-based management interface allows authenticated administrators to execute arbitrary code as root through improper input validation in HTTP requests. The vulnerability affects Cisco Unified Computing System (standalone) and requires admin-level credentials and network access; successful exploitation grants attacker root-level code execution on the underlying operating system. No public exploit code or active exploitation has been identified at time of analysis.

Cisco RCE Memory Corruption Buffer Overflow
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-23401 MEDIUM PATCH This Month

Linux kernel KVM x86/MMU incorrectly installs emulated MMIO shadow page table entries (SPTEs) without first zapping existing shadow-present SPTEs when host userspace modifies guest page tables outside KVM's scope, causing kernel warnings and potential memory consistency issues. The vulnerability affects KVM on x86 systems running vulnerable kernel versions and can be triggered by a local attacker with ability to manipulate guest memory or run guest VMs, though the practical impact beyond kernel instability remains limited.

Linux Authentication Bypass Memory Corruption Use After Free
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-5290 CRITICAL PATCH Act Now

Use-after-free in Chrome's compositing engine allows remote attackers who have compromised the renderer process to escape the sandbox via crafted HTML pages in Google Chrome prior to version 146.0.7680.178. This high-severity vulnerability requires prior renderer compromise but enables privilege escalation from the sandboxed renderer to system-level access, making it a critical sandbox bypass vector. Vendor-released patch addresses the issue in Chrome 146.0.7680.178 and later.

Google Use After Free Denial Of Service Memory Corruption Debian +2
NVD VulDB
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-5289 CRITICAL PATCH Act Now

Use-after-free in Google Chrome's Navigation component prior to version 146.0.7680.178 enables sandbox escape for attackers who have already compromised the renderer process, allowing them to potentially execute arbitrary code with elevated privileges via a malicious HTML page. Chromium rates this as high severity; patch availability confirmed from vendor.

Google Use After Free Denial Of Service Memory Corruption Debian +2
NVD VulDB
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-5288 CRITICAL PATCH Act Now

Use-after-free in Chrome's WebView on Android prior to version 146.0.7680.178 allows a remote attacker with a compromised renderer process to escape the sandbox via crafted HTML, potentially leading to arbitrary code execution outside the browser's security boundary. This vulnerability requires prior renderer compromise but eliminates a critical containment layer, classified as High severity by Chromium.

Google Use After Free Denial Of Service Memory Corruption Debian +2
NVD VulDB
CVSS 3.1
9.6
EPSS
0.0%
CVE-2026-5287 HIGH PATCH This Week

Remote code execution in Google Chrome prior to version 146.0.7680.178 allows attackers to execute arbitrary code within the Chrome sandbox via a specially crafted PDF file. The vulnerability exists in Chrome's PDF handling component and is caused by a use-after-free memory corruption flaw. Patch availability has been confirmed via vendor release, and the Chromium security team has classified this as High severity.

Google Use After Free RCE Memory Corruption Denial Of Service +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-5273 MEDIUM PATCH This Month

Remote code execution in Google Chrome's CSS engine prior to version 146.0.7680.178 allows unauthenticated remote attackers to execute arbitrary code within the Chrome sandbox via a crafted HTML page. The vulnerability stems from a use-after-free memory error in CSS processing, classified as high severity by the Chromium security team. Vendor-released patch available in Chrome 146.0.7680.178 and later.

Google Use After Free RCE Memory Corruption Denial Of Service +1
NVD VulDB
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-5286 HIGH PATCH This Week

Remote code execution in Google Chrome prior to version 146.0.7680.178 via use-after-free vulnerability in the Dawn graphics library allows unauthenticated remote attackers to execute arbitrary code through a crafted HTML page. The vulnerability affects all Chrome versions below the patched release and carries high severity per Chromium's assessment.

Google Use After Free RCE Memory Corruption Denial Of Service +4
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-5285 HIGH PATCH This Week

Remote code execution in Google Chrome prior to version 146.0.7680.178 via use-after-free vulnerability in WebGL allows unauthenticated remote attackers to execute arbitrary code within the browser sandbox by delivering a crafted HTML page. The vulnerability is marked as High severity by Chromium security and a vendor-released patch is available.

Google Use After Free RCE Memory Corruption Denial Of Service +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-5284 HIGH PATCH This Week

Remote code execution in Google Chrome prior to 146.0.7680.178 via use-after-free vulnerability in Dawn graphics subsystem allows an attacker who has already compromised the renderer process to execute arbitrary code through a crafted HTML page. This vulnerability requires prior renderer compromise but presents significant risk in multi-process exploitation chains; vendor has released patched version 146.0.7680.178 to address the issue.

Google Use After Free RCE Memory Corruption Denial Of Service +4
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-5281 HIGH POC KEV PATCH THREAT NEWS Act Now

Remote code execution in Google Chrome prior to version 146.0.7680.178 via a use-after-free vulnerability in the Dawn graphics component allows attackers who have already compromised the renderer process to execute arbitrary code through a crafted HTML page. The vulnerability requires prior renderer compromise but results in full code execution with high severity per Chromium's security classification.

Google Use After Free RCE Memory Corruption Denial Of Service +1
NVD VulDB GitHub
CVSS 3.1
8.8
EPSS
0.0%
Threat
4.8
CVE-2026-5280 HIGH PATCH This Week

Remote code execution in Google Chrome prior to 146.0.7680.178 allows unauthenticated remote attackers to execute arbitrary code within the Chrome sandbox via a crafted HTML page exploiting a use-after-free vulnerability in the WebCodecs component. The vulnerability affects all versions before the patched release and has been addressed by Google with a vendor-released patch; no public exploit code or active exploitation has been confirmed at the time of analysis.

Google Use After Free RCE Memory Corruption Denial Of Service +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-5278 HIGH PATCH This Week

Remote code execution in Google Chrome on Android via use-after-free vulnerability in Web MIDI allows unauthenticated remote attackers to execute arbitrary code through a crafted HTML page. The vulnerability affects Chrome versions prior to 146.0.7680.178 and carries high severity per Chromium's security classification. A vendor-released patch is available.

Google Use After Free RCE Memory Corruption Denial Of Service +4
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-3779 HIGH This Week

Use-after-free in Foxit PDF Reader and Editor allows arbitrary code execution when processing maliciously crafted PDF documents containing list box calculation arrays. The vulnerability (CVSS 7.8) occurs when stale references to deleted or re-created page/form objects persist in calculation logic, enabling local attackers to execute code with user privileges when victims open weaponized PDFs. No public exploit identified at time of analysis, though the memory corruption primitive is well-understood by exploit developers.

Use After Free RCE Memory Corruption Foxit Pdf Editor Foxit Pdf Reader
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-3777 MEDIUM This Month

Use-after-free in Foxit PDF Editor and Foxit PDF Reader allows local attackers to achieve arbitrary code execution by crafting malicious JavaScript that manipulates document zoom and page state, causing stale view cache pointers to be dereferenced after the underlying view object is destroyed. The vulnerability requires user interaction (opening a crafted PDF) and local access, with a CVSS score of 5.5 reflecting denial-of-service impact, though the underlying memory corruption (CWE-416) and RCE tags indicate higher real-world severity under exploitation.

Use After Free RCE Memory Corruption Foxit Pdf Editor Foxit Pdf Reader
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-5190 HIGH PATCH This Week

Memory corruption leading to arbitrary code execution affects AWS C Event Stream library versions before 0.6.0 when clients process malicious event-stream messages from attacker-controlled servers. The out-of-bounds write vulnerability in the streaming decoder requires high attack complexity and user interaction (CVSS:3.1/AV:N/AC:H/PR:N/UI:R), but grants complete control over confidentiality, integrity, and availability if successfully exploited. No public exploit identified at time of analysis, with EPSS data unavailable for this 2026-dated CVE. Vendor-released patch version 0.6.0 addresses the issue.

Buffer Overflow RCE Memory Corruption Suse
NVD GitHub VulDB
CVSS 4.0
7.7
EPSS
0.0%
CVE-2026-34595 npm MEDIUM PATCH GHSA This Month

Parse Server versions prior to 8.6.70 and 9.7.0-alpha.18 allow authenticated users with find class-level permissions to bypass protectedFields restrictions on LiveQuery subscriptions by submitting array-like objects with numeric keys instead of proper arrays in $or, $and, or $nor operators. This enables information disclosure through a binary oracle attack that reveals whether protected fields match attacker-supplied values. The vulnerability requires prior authentication and find-level access but no user interaction, affecting all deployments of vulnerable Parse Server versions.

Node.js Authentication Bypass Memory Corruption Oracle
NVD GitHub
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-27854 MEDIUM PATCH This Month

DNSdist instances using custom Lua code can be crashed via denial of service when the DNSQuestion:getEDNSOptions method accesses a modified DNS packet, triggering a use-after-free condition. This affects DNSdist across all versions and requires network access to send crafted DNS queries, but the attack demands specific Lua code patterns and high attack complexity; no public exploit or active exploitation has been confirmed, and the real-world impact is limited to environments where custom Lua DNS query handlers reference EDNS options.

Use After Free Denial Of Service Memory Corruption Dnsdist
NVD
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-27853 MEDIUM PATCH This Month

DNSdist fails to validate packet size bounds when rewriting DNS questions or responses via Lua methods (DNSQuestion:changeName, DNSResponse:changeName), allowing unauthenticated remote attackers to craft DNS responses that trigger out-of-bounds writes and exceed the 65535-byte DNS packet size limit, resulting in denial of service via crash. CVSS 5.9 (high availability impact); no public exploit code identified at time of analysis.

Buffer Overflow Denial Of Service Memory Corruption Dnsdist
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2019-25654 HIGH POC This Week

Core FTP/SFTP Server 1.2 contains a buffer overflow vulnerability that allows attackers to crash the service by supplying an excessively long string in the User domain field. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Core Ftp Sftp Server
NVD Exploit-DB VulDB
CVSS 4.0
8.7
EPSS
0.0%
CVE-2018-25235 MEDIUM POC This Month

NetworkActiv Web Server 4.0 contains a buffer overflow vulnerability in the username field of the Security options that allows local attackers to crash the application by supplying an excessively. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Networkactiv Web Server
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25230 MEDIUM POC This Month

Free IP Switcher 3.1 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Computer Name field. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Free Ip Switcher
NVD Exploit-DB VulDB
CVSS 4.0
6.8
EPSS
0.0%
CVE-2018-25228 MEDIUM POC This Month

NetSetMan 4.7.1 contains a buffer overflow vulnerability in the Workgroup feature that allows local attackers to crash the application by supplying oversized input. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Netsetman
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25226 MEDIUM POC This Month

FTPShell Server 6.83 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the account name field. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Ftpshell Server
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2017-20228 HIGH POC This Week

Flat Assembler 1.71.21 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input to the application. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Memory Corruption Buffer Overflow Flat Assembler
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2018-25223 CRITICAL POC PATCH Act Now

Crashmail 1.6 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending malicious input to the application. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow Denial Of Service Crashmail
NVD Exploit-DB VulDB
CVSS 4.0
9.3
EPSS
0.2%
CVE-2018-25222 HIGH POC PATCH This Week

SC v7.16 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow Sc
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2018-25221 CRITICAL POC Act Now

EChat Server 3.1 contains a buffer overflow vulnerability in the chat.ghp endpoint that allows remote attackers to execute arbitrary code by supplying an oversized username parameter. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Memory Corruption Buffer Overflow Echat Server
NVD Exploit-DB VulDB
CVSS 4.0
9.3
EPSS
0.2%
CVE-2018-25220 CRITICAL POC PATCH Act Now

Bochs 2.6-5 contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized input string to the application. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow Bochs
NVD Exploit-DB VulDB
CVSS 4.0
9.3
EPSS
0.1%
CVE-2017-20229 CRITICAL POC PATCH Act Now

MAWK 1.3.3-17 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow Mawk
NVD Exploit-DB VulDB
CVSS 4.0
9.3
EPSS
0.1%
CVE-2017-20227 CRITICAL POC PATCH Act Now

JAD Java Decompiler 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying overly long input that exceeds buffer. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Java Buffer Overflow
NVD Exploit-DB VulDB
CVSS 4.0
9.3
EPSS
0.1%
CVE-2017-20226 HIGH POC This Week

Mapscrn 2.0.3 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized input buffer. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Memory Corruption Buffer Overflow Denial Of Service Mapscrn
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2017-20225 CRITICAL POC PATCH Act Now

TiEmu 2.08 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow Tiemu
NVD Exploit-DB VulDB
CVSS 4.0
9.3
EPSS
0.1%
CVE-2016-20049 CRITICAL POC PATCH Act Now

JAD 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries.

RCE Memory Corruption Buffer Overflow Jad Java Decompiler
NVD Exploit-DB VulDB
CVSS 4.0
9.3
EPSS
0.1%
CVE-2016-20047 HIGH POC This Week

EKG Gadu 1.9~pre+r2855-3+b1 contains a local buffer overflow vulnerability in the username handling that allows local attackers to execute arbitrary code by supplying an oversized username string. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Memory Corruption Buffer Overflow Ekg Gadu
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2016-20046 HIGH POC This Week

zFTP Client 20061220+dfsg3-4.1 contains a buffer overflow vulnerability in the NAME parameter handling of FTP connections that allows local attackers to crash the application or execute arbitrary. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Memory Corruption Buffer Overflow Zftp Client
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2016-20045 HIGH POC This Week

HNB Organizer 1.9.18-10 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -rc command-line parameter. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Memory Corruption Buffer Overflow Hnb
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2016-20044 HIGH POC PATCH This Week

PInfo 0.6.9-5.1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -m parameter. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow Pinfo
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2016-20043 HIGH POC PATCH This Week

NRSS RSS Reader 0.3.9-1 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -F parameter. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow Nrss Reader
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2016-20042 HIGH POC PATCH This Week

TRN 3.6-23 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the application. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow Threaded Usenet News Reader
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2016-20039 HIGH POC This Week

Multi Emulator Super System 0.154-3.1 contains a buffer overflow vulnerability in the gamma parameter handling that allows local attackers to crash the application or execute arbitrary code. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Memory Corruption Buffer Overflow Mess Emulator
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2016-20038 HIGH POC PATCH This Week

yTree 1.94-1.1 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an excessively long argument to the application. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow Ytree
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2016-20037 HIGH POC PATCH This Week

xwpe 1.5.30a-2.1 and prior contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying overly long input strings that exceed buffer. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow Denial Of Service Xwpe
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2026-27309 HIGH This Week

Arbitrary code execution in Adobe Substance3D Stager 3.1.7 and earlier allows local attackers to execute malicious code with user privileges through specially crafted files. Exploitation requires social engineering to trick users into opening weaponized Stager project files. No public exploit identified at time of analysis, though the use-after-free vulnerability class is well-understood and exploitable. CVSS 7.8 (High) reflects significant impact if exploited, though local attack vector and user interaction requirement reduce immediate risk compared to remotely exploitable flaws.

RCE Use After Free Memory Corruption Denial Of Service Substance3D Stager
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-27880 HIGH PATCH This Week

Grafana's OpenFeature feature toggle evaluation endpoint can be forced into an out-of-memory condition by submitting unbounded values, enabling remote denial-of-service attacks against the monitoring platform. The vulnerability is network-accessible, requires no authentication (CVSS AV:N/AC:L/PR:N), and has been assigned a CVSS score of 7.5 with high availability impact. No public exploit identified at time of analysis, and authentication requirements confirm unauthenticated access per the CVSS vector PR:N.

Buffer Overflow Memory Corruption Grafana
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2024-14028 MEDIUM PATCH This Month

Use after free vulnerability in Softing smartLink HW-DP or smartLink HW-PN webserver allows HTTP DoS. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Denial Of Service Smartlink Hw Dp Smartlink Hw Pn
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-33721 MEDIUM PATCH This Month

MapServer versions 4.2 through 8.6.0 are vulnerable to a heap buffer overflow in the SLD (Styled Layer Descriptor) parser that allows remote, unauthenticated attackers to crash the MapServer process by sending a crafted SLD document containing more than 100 Threshold elements within a ColorMap/Categorize structure. The vulnerability is reachable via WMS GetMap requests using the SLD_BODY parameter, requiring no authentication or user interaction. Vendor-released patch: version 8.6.1 eliminates the issue; no public exploit code or active exploitation has been identified at time of analysis.

Buffer Overflow Memory Corruption Mapserver
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-2100 HIGH PATCH This Week

Denial of service in p11-kit's PKCS#11 RPC client allows a malicious remote token to trigger a NULL pointer dereference or undefined behavior in applications consuming derive-key operations. The flaw is reachable when an application calls C_DeriveKey against a remote token using IBM Kyber or IBM BTC derive mechanisms whose parameters are NULL, with the RPC client returning an uninitialized value. EPSS is low (0.10%) and no public exploit identified at time of analysis; SSVC marks exploitation as none but automatable.

IBM Denial Of Service Memory Corruption Red Hat Enterprise Linux 10 Red Hat Enterprise Linux 6 +4
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-33535 NuGet MEDIUM PATCH This Month

X11 display interaction path contains an out-of-bounds write vulnerability that allows local attackers to crash affected applications through a single zero byte write. The medium-severity flaw (CVSS 4.0) requires no privileges or user interaction to trigger a denial of service condition. No patch is currently available for this vulnerability.

Buffer Overflow Memory Corruption Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
4.0
EPSS
0.0%
CVE-2026-33416 HIGH PATCH NEWS This Week

A security vulnerability in versions 1.2.1 (CVSS 7.5). High severity vulnerability requiring prompt remediation.

Use After Free Memory Corruption Information Disclosure Red Hat
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-27828 MEDIUM PATCH This Month

EVerest charging software stack versions prior to 2026.02.0 contain a use-after-free vulnerability in the ISO15118_chargerImpl::handle_session_setup function that crashes the EVSE process when session setup commands are issued after ISO15118 initialization failure. Remote attackers with MQTT access can trigger this denial of service condition by sending a crafted session_setup command, causing the process to reference freed memory (v2g_ctx). A vendor-released patch is available in version 2026.02.0.

Use After Free Denial Of Service Memory Corruption Everest Core
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-27816 MEDIUM PATCH This Month

EVerest-Core prior to version 2026.02.0 contains an out-of-bounds write vulnerability in the ISO15118_chargerImpl::handle_update_energy_transfer_modes function, where variable-length MQTT command payloads are copied into a fixed-size 6-element array without bounds checking. When schema validation is disabled by default, oversized payloads trigger memory corruption that can crash the EV charging service or corrupt adjacent EVSE (Electric Vehicle Supply Equipment) state, affecting the integrity and availability of EV charging infrastructure. No public exploit code has been identified at the time of analysis, but the vulnerability is patched in version 2026.02.0.

Buffer Overflow Memory Corruption Everest Core
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-27815 MEDIUM PATCH This Month

Out-of-bounds memory writes in EVerest charging software stack versions prior to 2026.02.0 allow local attackers to corrupt EVSE state or crash the charging process by sending oversized MQTT command payloads that bypass disabled schema validation. The ISO15118_chargerImpl::handle_session_setup function copies variable-length payment_options lists into a fixed 2-element array without bounds checking, exposing a CWE-787 buffer overflow vulnerability with availability and integrity impact. No public exploit code has been identified at time of analysis.

Buffer Overflow Memory Corruption Everest Core
NVD GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-27813 MEDIUM PATCH This Month

EVerest charging software stack versions prior to 2026.02.0 contain a data race condition leading to use-after-free memory corruption, triggered by EV plug-in/unplug events and authorization flows (RFID, RemoteStart, OCPP). Unauthenticated physical attackers with high complexity can exploit this to leak sensitive information or cause denial of service on affected charging infrastructure. No public exploit identified at time of analysis.

Information Disclosure Memory Corruption Use After Free Everest Core
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-27664 HIGH CISA Act Now

Out-of-bounds write vulnerabilities in Siemens CPCI85 Central Processing/Communication and SICORE Base system (versions below V26.10) allow unauthenticated remote attackers to crash critical industrial control system services through maliciously crafted XML requests, resulting in denial-of-service conditions. CISA's SSVC framework marks this as automatable with partial technical impact, though no public exploit has been identified at time of analysis. The CVSS 4.0 score of 8.7 reflects high availability impact (VA:H) with network accessibility requiring no authentication (PR:N).

Buffer Overflow Memory Corruption Cpci85 Central Processing Communication Sicore Base System
NVD VulDB
CVSS 4.0
8.7
EPSS
0.0%
CVE-2019-25650 HIGH POC This Week

River Past CamDo 3.7.6 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow RCE River Past Camdo
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2019-25649 MEDIUM POC This Month

River Past Audio Converter 7.7.16 contains a local buffer overflow vulnerability in the activation code field that allows local attackers to crash the application by supplying an oversized input. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service River Past Audio Converter
NVD Exploit-DB VulDB
CVSS 4.0
6.8
EPSS
0.0%
CVE-2019-25648 MEDIUM POC This Month

MyVideoConverter Pro 3.14 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying an excessively long string to the registration code input field. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Myvideoconverter Pro
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25219 HIGH POC This Week

PassFab Excel Password Recovery 8.3.1 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow RCE Excel Password Recovery
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2018-25218 HIGH POC This Week

PassFab RAR Password Recovery 9.3.2 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow RCE Rar Password Recovery
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2018-25217 HIGH POC This Week

PDF Explorer 1.5.66.2 contains a structured exception handler (SEH) overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH records with malicious data. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow RCE Pdf Explorer
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2018-25216 MEDIUM POC This Month

AnyBurn 4.3 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the image file name field. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Anyburn
NVD Exploit-DB VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25215 MEDIUM POC This Month

Excel Password Recovery Professional 8.2.0.0 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by supplying an excessively long string to the 'E-Mail. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Excel Password Recovery Professional
NVD Exploit-DB VulDB
CVSS 4.0
6.8
EPSS
0.0%
CVE-2018-25214 MEDIUM POC This Month

MegaPing contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload to the Destination Address List field in the Finger. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service Megaping
NVD Exploit-DB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2018-25213 HIGH POC This Week

Nsauditor 3.0.28.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input to the DNS Lookup tool. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow RCE Nsauditor Local Seh Buffer Overflow
NVD Exploit-DB VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2018-25212 HIGH POC This Week

Boxoft wav-wma Converter 1.0 contains a local buffer overflow vulnerability in structured exception handling that allows attackers to execute arbitrary code by crafting malicious WAV files. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Microsoft RCE
NVD Exploit-DB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2018-25211 HIGH POC This Week

Allok Video Splitter 3.1.1217 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service or execute arbitrary code by supplying an oversized string in the. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow RCE Denial Of Service Splitter
NVD Exploit-DB VulDB
CVSS 4.0
8.5
EPSS
0.0%
CVE-2026-33526 CRITICAL PATCH Act Now

Squid versions prior to 7.5 contain a heap use-after-free vulnerability (CWE-416) in ICP (Internet Cache Protocol) traffic handling that enables remote attackers to reliably trigger denial of service against affected proxy services. The vulnerability affects any Squid deployment with ICP support explicitly enabled via non-zero icp_port configuration, and cannot be mitigated through access control rules alone. A patch is available in version 7.5, and the vulnerability has been confirmed across multiple Debian releases and SUSE distributions.

Denial Of Service Use After Free Memory Corruption Squid
NVD GitHub VulDB
CVSS 4.0
9.2
EPSS
2.0%
CVE-2026-28529 HIGH POC PATCH This Week

cryptodev-linux 1.14 and earlier suffer from a use-after-free vulnerability in the /dev/crypto device driver that enables local privilege escalation through reference count manipulation. Attackers with local access can exploit this memory corruption flaw to gain elevated privileges on affected systems. Public exploit code exists for this vulnerability.

Privilege Escalation Use After Free Memory Corruption Cryptodev Linux
NVD GitHub VulDB
CVSS 4.0
8.5
EPSS
0.0%
CVE-2026-23392 HIGH PATCH This Week

A use-after-free vulnerability exists in the Linux kernel's netfilter nf_tables flowtable implementation during error handling in the hook registration path. When hook registration fails (due to reaching maximum hook limits or hardware offload setup failures), the flowtable is not properly synchronized with RCU grace periods before being released, allowing concurrent packet processing or control plane operations (nfnetlink_hook) to access freed memory. This vulnerability affects all Linux kernel versions with the vulnerable nf_tables code and was discovered via KASAN reports during hook dumping operations; while not currently listed in known exploited vulnerabilities (KEV) databases, the use-after-free nature presents a real risk for denial of service or information disclosure in environments utilizing netfilter flowtables.

Linux Information Disclosure Memory Corruption Use After Free
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23390 HIGH PATCH This Week

A buffer overflow vulnerability exists in the Linux kernel's dma_map_sg tracepoint that can be triggered when tracing large scatter-gather lists, particularly with devices like virtio-gpu that create large DRM buffers exceeding 1000 entries. The vulnerability affects all Linux kernel versions prior to the fix and can cause perf buffer overflow warnings and potential kernel instability when dynamic array allocations exceed PERF_MAX_TRACE_SIZE (8192 bytes). While this is a kernel-level issue requiring local access to trigger tracing functionality, it poses a denial-of-service risk and memory safety concern for systems using performance tracing on workloads with large scatter-gather operations.

Buffer Overflow Memory Corruption Linux Red Hat
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23378 HIGH PATCH This Week

A buffer overflow vulnerability exists in the Linux kernel's IFE (Intermediate Functional Element) traffic control action module where metadata list replacement incorrectly appends new metadata instead of replacing old entries, causing unbounded metadata accumulation. This affects all Linux kernel versions with the vulnerable IFE scheduling code (cpe:2.3:a:linux:linux). An attacker with the ability to modify traffic control rules can trigger an out-of-bounds write via the ife_tlv_meta_encode function, potentially achieving kernel memory corruption and denial of service. The vulnerability is not listed as actively exploited in public KEV databases, but patches are available across multiple stable kernel branches.

Linux Buffer Overflow Memory Corruption
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23361 HIGH PATCH This Week

This vulnerability is a race condition in the Linux kernel's PCI Designware endpoint driver where MSI-X interrupt writes to the host can complete after the corresponding Address Translation Unit (ATU) entry is unmapped, potentially corrupting host memory or triggering IOMMU errors. The vulnerability affects all Linux kernel versions with the vulnerable code path in the PCI DWC endpoint implementation (cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*), specifically impacting systems using PCI endpoint devices with MSI-X interrupt support such as NVMe-PCI endpoint function drivers. An attacker with the ability to trigger high-frequency MSI-X interrupts from a malicious endpoint device could exploit this race condition to cause denial of service through IOMMU faults or potentially corrupt host memory.

Linux Memory Corruption Buffer Overflow Red Hat
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23359 HIGH PATCH This Week

A stack-out-of-bounds write vulnerability exists in the Linux kernel's BPF devmap implementation where the get_upper_ifindexes() function iterates over upper network devices without properly validating buffer bounds. An attacker with the ability to create multiple virtual network devices (e.g., more than 8 macvlans) and trigger XDP packet processing with BPF_F_BROADCAST and BPF_F_EXCLUDE_INGRESS flags can write beyond allocated stack memory, potentially causing denial of service or arbitrary code execution. The vulnerability affects all Linux kernel versions using the vulnerable devmap code path and has been patched across multiple stable kernel branches, indicating recognition as a real security concern requiring immediate updates.

Linux Buffer Overflow Memory Corruption
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23351 HIGH PATCH This Week

Use-after-free in Linux kernel's netfilter nft_set_pipapo enables local privilege escalation to kernel-level access (confidentiality/integrity/availability compromise). Affects Linux kernel 5.6+ through multiple stable branches (6.1.x, 6.6.x, 6.12.x, 6.18.x, 6.19.x). Vendor patches available across all affected kernel series. EPSS score of 0.03% (9th percentile) indicates low automated exploitation likelihood, consistent with local-access requirement and lack of public exploit code at time of analysis.

Linux Denial Of Service Memory Corruption Use After Free
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23344 HIGH PATCH This Week

A use-after-free vulnerability exists in the Linux kernel's crypto subsystem (CCP driver) within the sev_tsm_init_locked() function error path, where a pr_err() statement dereferences freed memory to access structure fields t->tio_en and t->tio_init_done after kfree(t) has been executed. This vulnerability can lead to information disclosure by reading freed memory contents. The issue affects Linux kernel versions across distributions using the affected CCP crypto driver code and was identified by the Smatch static analyzer.

Use After Free Memory Corruption Linux Information Disclosure Red Hat
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23343 HIGH PATCH This Week

A memory corruption vulnerability exists in the Linux kernel's XDP (eXpress Data Path) subsystem where negative tailroom calculations are incorrectly reported as large unsigned integers, allowing buffer overflows during tail growth operations. This affects Linux kernel versions across multiple stable branches when certain Ethernet drivers (notably ixgbevf) report incorrect DMA write sizes, leading to heap corruption, segmentation faults, and general protection faults as demonstrated in the xskxceiver test utility. The vulnerability has no CVSS score assigned and shows no active KEV exploitation status, but represents a critical memory safety issue affecting systems using XDP with affected Ethernet drivers.

Linux Buffer Overflow Memory Corruption Canonical
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23340 HIGH PATCH This Week

Use-after-free in Linux kernel network traffic control subsystem allows local authenticated attackers to execute arbitrary code with high privileges when changing network queue pair configurations on lockless qdiscs (virtio-net confirmed affected). Race condition between qdisc_reset_all_tx_gt() and dequeue operations causes memory to be freed while still in use. Vendor-released patches available for stable kernel branches 6.1.167, 6.6.130, 6.12.77, 6.18.17, 6.19.7, and mainline 7.0-rc3. EPSS exploitation probability is low (0.02%, 7th percentile) and no active exploitation confirmed at time of analysis, though a reliable reproducer exists using iperf3 and ethtool queue manipulation.

Linux Information Disclosure Use After Free Memory Corruption
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23336 HIGH PATCH This Week

Use-after-free in Linux kernel cfg80211 WiFi subsystem allows local authenticated users with low privileges to achieve high impact on confidentiality, integrity, and availability through rfkill work-queue exploitation. The vulnerability affects Linux kernel versions 2.6.31 through 6.19-rc2, with patches released for stable branches 6.1.167, 6.6.130, 6.12.77, 6.18.17, 6.19.7, and 7.0-rc2. EPSS score of 0.02% (7th percentile) indicates very low probability of mass exploitation. No CISA KEV listing or public exploit identified at time of analysis, though the issue was discovered via syzkaller fuzzing, demonstrating automated exploit development potential.

Linux Information Disclosure Use After Free Memory Corruption
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23326 HIGH PATCH This Week

This vulnerability is a memory leak in the Linux kernel's AF_XDP socket implementation where buffers fail to be properly returned to the free list due to improper list node reinitialization. The vulnerability affects all Linux kernel versions with the AF_XDP subsystem enabled, potentially allowing local attackers or unprivileged users to exhaust kernel memory over time. While not actively exploited in the wild according to available intelligence, the vulnerability has clear patches available in stable kernel branches and represents a real denial-of-service risk for systems relying on XDP functionality.

Memory Corruption Buffer Overflow Linux Red Hat
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23323 HIGH PATCH This Week

The Apple Silicon SMC hwmon driver (macsmc-hwmon) in the Linux kernel contains critical memory safety bugs in sensor population and float conversion logic. Specifically, voltage sensors are incorrectly registered to the temperature sensor array, and float-to-32-bit conversion has flawed exponent handling, potentially leading to out-of-bounds memory access, data corruption, or incorrect fan control on affected Apple Silicon systems. The vulnerability affects Linux kernel versions with the macsmc-hwmon driver and has been patched; no active exploitation or POC is currently known, but the nature of the bugs suggests high real-world risk for systems relying on thermal management.

Linux Memory Corruption Apple Buffer Overflow Red Hat
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23322 HIGH PATCH This Week

A use-after-free and list corruption vulnerability exists in the Linux kernel's IPMI (Intelligent Platform Management Interface) subsystem when the SMI sender returns an error. The vulnerability affects all Linux kernel versions with the vulnerable IPMI code path, allowing local attackers or processes with IPMI access to trigger denial of service conditions through list corruption and NULL pointer dereferences. The vulnerability is not currently listed in CISA's KEV catalog, and no CVSS or EPSS scores have been published; however, the technical nature indicates high reliability for exploitation by local actors with kernel interface access.

Linux Use After Free Memory Corruption Denial Of Service
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Memory corruption vulnerability in Apple iOS, iPadOS, and macOS allows local attackers to achieve denial of service or potentially arbitrary code execution through malicious file processing. The vulnerability affects iOS and iPadOS versions below 18.6 and macOS Sequoia below 15.6, and has been patched in iOS 18.6, iPadOS 18.6, and macOS Sequoia 15.6. No public exploit identified at time of analysis, and CVSS severity is not numerically specified by Apple, though the buffer overflow classification and file processing attack vector indicate moderate to high real-world risk for users who encounter malicious content.

Apple Buffer Overflow Memory Corruption
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Memory corruption in macOS Sequoia image processing allows remote attackers to achieve arbitrary code execution via maliciously crafted images requiring user interaction. Affects macOS Sequoia versions prior to 15.6, with CVSS 8.8 (High) severity due to potential for complete system compromise. EPSS data unavailable; no public exploit identified at time of analysis. Apple addressed the vulnerability through improved memory handling in macOS 15.6 (released June 2025). Attack requires victim to process a weaponized image file, making social engineering or malicious websites likely delivery vectors.

Apple Memory Corruption Buffer Overflow
NVD
EPSS 0% CVSS 2.9
LOW Monitor

Type confusion in Free5GC 4.2.0's aper component allows remote attackers to trigger memory corruption and information disclosure with high attack complexity and without authentication. The vulnerability stems from improper type handling in ASN.1 parsing and has publicly available exploit code, though active exploitation at scale has not been confirmed. CVSS 6.3 with availability impact and exploit proof-of-concept disclosure warrant timely patching.

Information Disclosure Memory Corruption Free5gc
NVD GitHub VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use-after-free vulnerability in Linux kernel futex handling allows local attackers to read freed memory via race condition between futex_key_to_node_opt() and vma_replace_policy(). When mbind() concurrently replaces virtual memory area policies, __futex_key_to_node() may dereference a freed mempolicy structure, enabling information disclosure of kernel memory. The vulnerability requires local access and precise timing but poses memory safety risk in multi-threaded applications using futex operations alongside memory policy changes.

Linux Use After Free Information Disclosure +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use-after-free in Linux kernel clsact qdisc initialization and destruction rollback allows local denial of service or potential information disclosure when qdisc replacement fails midway during tcf_block_get_ext() operations. The vulnerability stems from asymmetric initialization and cleanup paths where egress_entry references from a previous clsact instance remain valid during failure scenarios, leading to double-free or use-after-free conditions. Affected Linux kernel versions across all distributions that include the clsact traffic control qdisc require patching.

Linux Use After Free Information Disclosure +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use-after-free in Linux kernel netfilter BPF hook memory management allows local attackers to read sensitive kernel memory via concurrent nfnetlink_hooks dumping operations. The vulnerability arises from premature memory release in hook structures before RCU readers complete their access, enabling information disclosure through netlink interface. No active exploitation confirmed, but the KASAN report demonstrates reliable reproducer availability.

Linux Use After Free Information Disclosure +2
NVD VulDB
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

Out-of-bounds write in LibRaw's JPEG DHT parser (HuffTable::initval function) allows unauthenticated remote attackers to trigger a denial of service via malformed JPEG image files. LibRaw versions up to 0.22.0 are affected; publicly available exploit code exists. CVSS 4.3 (low severity) reflects denial-of-service impact only, with low attack complexity and no authentication required. Vendor-released patch available in version 0.22.1.

Buffer Overflow Memory Corruption Libraw
NVD VulDB GitHub
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

Out-of-bounds write in Nothings stb library up to version 1.22 allows remote attackers to corrupt memory and potentially execute code by crafting malicious Vorbis audio files that trigger improper bounds checking in the start_decoder function. Publicly available exploit code exists for this vulnerability, which affects all applications statically linking vulnerable stb_vorbis.c code. The vendor has not responded to disclosure attempts, leaving deployed instances without an official patch.

Buffer Overflow Memory Corruption Stb
NVD VulDB GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

Cisco IMC web-based management interface allows authenticated administrators to execute arbitrary code as root through improper input validation in HTTP requests. The vulnerability affects Cisco Unified Computing System (standalone) and requires admin-level credentials and network access; successful exploitation grants attacker root-level code execution on the underlying operating system. No public exploit code or active exploitation has been identified at time of analysis.

Cisco RCE Memory Corruption +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Linux kernel KVM x86/MMU incorrectly installs emulated MMIO shadow page table entries (SPTEs) without first zapping existing shadow-present SPTEs when host userspace modifies guest page tables outside KVM's scope, causing kernel warnings and potential memory consistency issues. The vulnerability affects KVM on x86 systems running vulnerable kernel versions and can be triggered by a local attacker with ability to manipulate guest memory or run guest VMs, though the practical impact beyond kernel instability remains limited.

Linux Authentication Bypass Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Use-after-free in Chrome's compositing engine allows remote attackers who have compromised the renderer process to escape the sandbox via crafted HTML pages in Google Chrome prior to version 146.0.7680.178. This high-severity vulnerability requires prior renderer compromise but enables privilege escalation from the sandboxed renderer to system-level access, making it a critical sandbox bypass vector. Vendor-released patch addresses the issue in Chrome 146.0.7680.178 and later.

Google Use After Free Denial Of Service +4
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Use-after-free in Google Chrome's Navigation component prior to version 146.0.7680.178 enables sandbox escape for attackers who have already compromised the renderer process, allowing them to potentially execute arbitrary code with elevated privileges via a malicious HTML page. Chromium rates this as high severity; patch availability confirmed from vendor.

Google Use After Free Denial Of Service +4
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Use-after-free in Chrome's WebView on Android prior to version 146.0.7680.178 allows a remote attacker with a compromised renderer process to escape the sandbox via crafted HTML, potentially leading to arbitrary code execution outside the browser's security boundary. This vulnerability requires prior renderer compromise but eliminates a critical containment layer, classified as High severity by Chromium.

Google Use After Free Denial Of Service +4
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome prior to version 146.0.7680.178 allows attackers to execute arbitrary code within the Chrome sandbox via a specially crafted PDF file. The vulnerability exists in Chrome's PDF handling component and is caused by a use-after-free memory corruption flaw. Patch availability has been confirmed via vendor release, and the Chromium security team has classified this as High severity.

Google Use After Free RCE +3
NVD VulDB
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Remote code execution in Google Chrome's CSS engine prior to version 146.0.7680.178 allows unauthenticated remote attackers to execute arbitrary code within the Chrome sandbox via a crafted HTML page. The vulnerability stems from a use-after-free memory error in CSS processing, classified as high severity by the Chromium security team. Vendor-released patch available in Chrome 146.0.7680.178 and later.

Google Use After Free RCE +3
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome prior to version 146.0.7680.178 via use-after-free vulnerability in the Dawn graphics library allows unauthenticated remote attackers to execute arbitrary code through a crafted HTML page. The vulnerability affects all Chrome versions below the patched release and carries high severity per Chromium's assessment.

Google Use After Free RCE +6
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome prior to version 146.0.7680.178 via use-after-free vulnerability in WebGL allows unauthenticated remote attackers to execute arbitrary code within the browser sandbox by delivering a crafted HTML page. The vulnerability is marked as High severity by Chromium security and a vendor-released patch is available.

Google Use After Free RCE +3
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Remote code execution in Google Chrome prior to 146.0.7680.178 via use-after-free vulnerability in Dawn graphics subsystem allows an attacker who has already compromised the renderer process to execute arbitrary code through a crafted HTML page. This vulnerability requires prior renderer compromise but presents significant risk in multi-process exploitation chains; vendor has released patched version 146.0.7680.178 to address the issue.

Google Use After Free RCE +6
NVD VulDB
EPSS 0% 4.8 CVSS 8.8
HIGH POC KEV PATCH THREAT Act Now

Remote code execution in Google Chrome prior to version 146.0.7680.178 via a use-after-free vulnerability in the Dawn graphics component allows attackers who have already compromised the renderer process to execute arbitrary code through a crafted HTML page. The vulnerability requires prior renderer compromise but results in full code execution with high severity per Chromium's security classification.

Google Use After Free RCE +3
NVD VulDB GitHub
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome prior to 146.0.7680.178 allows unauthenticated remote attackers to execute arbitrary code within the Chrome sandbox via a crafted HTML page exploiting a use-after-free vulnerability in the WebCodecs component. The vulnerability affects all versions before the patched release and has been addressed by Google with a vendor-released patch; no public exploit code or active exploitation has been confirmed at the time of analysis.

Google Use After Free RCE +3
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome on Android via use-after-free vulnerability in Web MIDI allows unauthenticated remote attackers to execute arbitrary code through a crafted HTML page. The vulnerability affects Chrome versions prior to 146.0.7680.178 and carries high severity per Chromium's security classification. A vendor-released patch is available.

Google Use After Free RCE +6
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Use-after-free in Foxit PDF Reader and Editor allows arbitrary code execution when processing maliciously crafted PDF documents containing list box calculation arrays. The vulnerability (CVSS 7.8) occurs when stale references to deleted or re-created page/form objects persist in calculation logic, enabling local attackers to execute code with user privileges when victims open weaponized PDFs. No public exploit identified at time of analysis, though the memory corruption primitive is well-understood by exploit developers.

Use After Free RCE Memory Corruption +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

Use-after-free in Foxit PDF Editor and Foxit PDF Reader allows local attackers to achieve arbitrary code execution by crafting malicious JavaScript that manipulates document zoom and page state, causing stale view cache pointers to be dereferenced after the underlying view object is destroyed. The vulnerability requires user interaction (opening a crafted PDF) and local access, with a CVSS score of 5.5 reflecting denial-of-service impact, though the underlying memory corruption (CWE-416) and RCE tags indicate higher real-world severity under exploitation.

Use After Free RCE Memory Corruption +2
NVD VulDB
EPSS 0% CVSS 7.7
HIGH PATCH This Week

Memory corruption leading to arbitrary code execution affects AWS C Event Stream library versions before 0.6.0 when clients process malicious event-stream messages from attacker-controlled servers. The out-of-bounds write vulnerability in the streaming decoder requires high attack complexity and user interaction (CVSS:3.1/AV:N/AC:H/PR:N/UI:R), but grants complete control over confidentiality, integrity, and availability if successfully exploited. No public exploit identified at time of analysis, with EPSS data unavailable for this 2026-dated CVE. Vendor-released patch version 0.6.0 addresses the issue.

Buffer Overflow RCE Memory Corruption +1
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Parse Server versions prior to 8.6.70 and 9.7.0-alpha.18 allow authenticated users with find class-level permissions to bypass protectedFields restrictions on LiveQuery subscriptions by submitting array-like objects with numeric keys instead of proper arrays in $or, $and, or $nor operators. This enables information disclosure through a binary oracle attack that reveals whether protected fields match attacker-supplied values. The vulnerability requires prior authentication and find-level access but no user interaction, affecting all deployments of vulnerable Parse Server versions.

Node.js Authentication Bypass Memory Corruption +1
NVD GitHub
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

DNSdist instances using custom Lua code can be crashed via denial of service when the DNSQuestion:getEDNSOptions method accesses a modified DNS packet, triggering a use-after-free condition. This affects DNSdist across all versions and requires network access to send crafted DNS queries, but the attack demands specific Lua code patterns and high attack complexity; no public exploit or active exploitation has been confirmed, and the real-world impact is limited to environments where custom Lua DNS query handlers reference EDNS options.

Use After Free Denial Of Service Memory Corruption +1
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

DNSdist fails to validate packet size bounds when rewriting DNS questions or responses via Lua methods (DNSQuestion:changeName, DNSResponse:changeName), allowing unauthenticated remote attackers to craft DNS responses that trigger out-of-bounds writes and exceed the 65535-byte DNS packet size limit, resulting in denial of service via crash. CVSS 5.9 (high availability impact); no public exploit code identified at time of analysis.

Buffer Overflow Denial Of Service Memory Corruption +1
NVD
EPSS 0% CVSS 8.7
HIGH POC This Week

Core FTP/SFTP Server 1.2 contains a buffer overflow vulnerability that allows attackers to crash the service by supplying an excessively long string in the User domain field. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Core Ftp Sftp Server
NVD Exploit-DB VulDB
EPSS 0% CVSS 6.9
MEDIUM POC This Month

NetworkActiv Web Server 4.0 contains a buffer overflow vulnerability in the username field of the Security options that allows local attackers to crash the application by supplying an excessively. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 6.8
MEDIUM POC This Month

Free IP Switcher 3.1 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Computer Name field. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 6.9
MEDIUM POC This Month

NetSetMan 4.7.1 contains a buffer overflow vulnerability in the Workgroup feature that allows local attackers to crash the application by supplying oversized input. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 6.9
MEDIUM POC This Month

FTPShell Server 6.83 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the account name field. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 8.6
HIGH POC This Week

Flat Assembler 1.71.21 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input to the application. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Memory Corruption Buffer Overflow +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 9.3
CRITICAL POC PATCH Act Now

Crashmail 1.6 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending malicious input to the application. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow +2
NVD Exploit-DB VulDB
EPSS 0% CVSS 8.6
HIGH POC PATCH This Week

SC v7.16 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 9.3
CRITICAL POC Act Now

EChat Server 3.1 contains a buffer overflow vulnerability in the chat.ghp endpoint that allows remote attackers to execute arbitrary code by supplying an oversized username parameter. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Memory Corruption Buffer Overflow +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 9.3
CRITICAL POC PATCH Act Now

Bochs 2.6-5 contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized input string to the application. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 9.3
CRITICAL POC PATCH Act Now

MAWK 1.3.3-17 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 9.3
CRITICAL POC PATCH Act Now

JAD Java Decompiler 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying overly long input that exceeds buffer. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Java +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 8.6
HIGH POC This Week

Mapscrn 2.0.3 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized input buffer. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Memory Corruption Buffer Overflow +2
NVD Exploit-DB VulDB
EPSS 0% CVSS 9.3
CRITICAL POC PATCH Act Now

TiEmu 2.08 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 9.3
CRITICAL POC PATCH Act Now

JAD 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries.

RCE Memory Corruption Buffer Overflow +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 8.6
HIGH POC This Week

EKG Gadu 1.9~pre+r2855-3+b1 contains a local buffer overflow vulnerability in the username handling that allows local attackers to execute arbitrary code by supplying an oversized username string. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Memory Corruption Buffer Overflow +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 8.6
HIGH POC This Week

zFTP Client 20061220+dfsg3-4.1 contains a buffer overflow vulnerability in the NAME parameter handling of FTP connections that allows local attackers to crash the application or execute arbitrary. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Memory Corruption Buffer Overflow +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 8.6
HIGH POC This Week

HNB Organizer 1.9.18-10 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -rc command-line parameter. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Memory Corruption Buffer Overflow +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 8.6
HIGH POC PATCH This Week

PInfo 0.6.9-5.1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -m parameter. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 8.6
HIGH POC PATCH This Week

NRSS RSS Reader 0.3.9-1 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -F parameter. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 8.6
HIGH POC PATCH This Week

TRN 3.6-23 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the application. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 8.6
HIGH POC This Week

Multi Emulator Super System 0.154-3.1 contains a buffer overflow vulnerability in the gamma parameter handling that allows local attackers to crash the application or execute arbitrary code. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Memory Corruption Buffer Overflow +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 8.6
HIGH POC PATCH This Week

yTree 1.94-1.1 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an excessively long argument to the application. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 8.6
HIGH POC PATCH This Week

xwpe 1.5.30a-2.1 and prior contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying overly long input strings that exceed buffer. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Memory Corruption Buffer Overflow +2
NVD Exploit-DB VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Adobe Substance3D Stager 3.1.7 and earlier allows local attackers to execute malicious code with user privileges through specially crafted files. Exploitation requires social engineering to trick users into opening weaponized Stager project files. No public exploit identified at time of analysis, though the use-after-free vulnerability class is well-understood and exploitable. CVSS 7.8 (High) reflects significant impact if exploited, though local attack vector and user interaction requirement reduce immediate risk compared to remotely exploitable flaws.

RCE Use After Free Memory Corruption +2
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Grafana's OpenFeature feature toggle evaluation endpoint can be forced into an out-of-memory condition by submitting unbounded values, enabling remote denial-of-service attacks against the monitoring platform. The vulnerability is network-accessible, requires no authentication (CVSS AV:N/AC:L/PR:N), and has been assigned a CVSS score of 7.5 with high availability impact. No public exploit identified at time of analysis, and authentication requirements confirm unauthenticated access per the CVSS vector PR:N.

Buffer Overflow Memory Corruption Grafana
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Use after free vulnerability in Softing smartLink HW-DP or smartLink HW-PN webserver allows HTTP DoS. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Denial Of Service +2
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

MapServer versions 4.2 through 8.6.0 are vulnerable to a heap buffer overflow in the SLD (Styled Layer Descriptor) parser that allows remote, unauthenticated attackers to crash the MapServer process by sending a crafted SLD document containing more than 100 Threshold elements within a ColorMap/Categorize structure. The vulnerability is reachable via WMS GetMap requests using the SLD_BODY parameter, requiring no authentication or user interaction. Vendor-released patch: version 8.6.1 eliminates the issue; no public exploit code or active exploitation has been identified at time of analysis.

Buffer Overflow Memory Corruption Mapserver
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in p11-kit's PKCS#11 RPC client allows a malicious remote token to trigger a NULL pointer dereference or undefined behavior in applications consuming derive-key operations. The flaw is reachable when an application calls C_DeriveKey against a remote token using IBM Kyber or IBM BTC derive mechanisms whose parameters are NULL, with the RPC client returning an uninitialized value. EPSS is low (0.10%) and no public exploit identified at time of analysis; SSVC marks exploitation as none but automatable.

IBM Denial Of Service Memory Corruption +6
NVD GitHub VulDB
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

X11 display interaction path contains an out-of-bounds write vulnerability that allows local attackers to crash affected applications through a single zero byte write. The medium-severity flaw (CVSS 4.0) requires no privileges or user interaction to trigger a denial of service condition. No patch is currently available for this vulnerability.

Buffer Overflow Memory Corruption Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

A security vulnerability in versions 1.2.1 (CVSS 7.5). High severity vulnerability requiring prompt remediation.

Use After Free Memory Corruption Information Disclosure +1
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

EVerest charging software stack versions prior to 2026.02.0 contain a use-after-free vulnerability in the ISO15118_chargerImpl::handle_session_setup function that crashes the EVSE process when session setup commands are issued after ISO15118 initialization failure. Remote attackers with MQTT access can trigger this denial of service condition by sending a crafted session_setup command, causing the process to reference freed memory (v2g_ctx). A vendor-released patch is available in version 2026.02.0.

Use After Free Denial Of Service Memory Corruption +1
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

EVerest-Core prior to version 2026.02.0 contains an out-of-bounds write vulnerability in the ISO15118_chargerImpl::handle_update_energy_transfer_modes function, where variable-length MQTT command payloads are copied into a fixed-size 6-element array without bounds checking. When schema validation is disabled by default, oversized payloads trigger memory corruption that can crash the EV charging service or corrupt adjacent EVSE (Electric Vehicle Supply Equipment) state, affecting the integrity and availability of EV charging infrastructure. No public exploit code has been identified at the time of analysis, but the vulnerability is patched in version 2026.02.0.

Buffer Overflow Memory Corruption Everest Core
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Out-of-bounds memory writes in EVerest charging software stack versions prior to 2026.02.0 allow local attackers to corrupt EVSE state or crash the charging process by sending oversized MQTT command payloads that bypass disabled schema validation. The ISO15118_chargerImpl::handle_session_setup function copies variable-length payment_options lists into a fixed 2-element array without bounds checking, exposing a CWE-787 buffer overflow vulnerability with availability and integrity impact. No public exploit code has been identified at time of analysis.

Buffer Overflow Memory Corruption Everest Core
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

EVerest charging software stack versions prior to 2026.02.0 contain a data race condition leading to use-after-free memory corruption, triggered by EV plug-in/unplug events and authorization flows (RFID, RemoteStart, OCPP). Unauthenticated physical attackers with high complexity can exploit this to leak sensitive information or cause denial of service on affected charging infrastructure. No public exploit identified at time of analysis.

Information Disclosure Memory Corruption Use After Free +1
NVD GitHub
EPSS 0% CVSS 8.7
HIGH Act Now

Out-of-bounds write vulnerabilities in Siemens CPCI85 Central Processing/Communication and SICORE Base system (versions below V26.10) allow unauthenticated remote attackers to crash critical industrial control system services through maliciously crafted XML requests, resulting in denial-of-service conditions. CISA's SSVC framework marks this as automatable with partial technical impact, though no public exploit has been identified at time of analysis. The CVSS 4.0 score of 8.7 reflects high availability impact (VA:H) with network accessibility requiring no authentication (PR:N).

Buffer Overflow Memory Corruption Cpci85 Central Processing Communication +1
NVD VulDB
EPSS 0% CVSS 8.6
HIGH POC This Week

River Past CamDo 3.7.6 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow RCE +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 6.8
MEDIUM POC This Month

River Past Audio Converter 7.7.16 contains a local buffer overflow vulnerability in the activation code field that allows local attackers to crash the application by supplying an oversized input. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 6.9
MEDIUM POC This Month

MyVideoConverter Pro 3.14 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying an excessively long string to the registration code input field. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 8.6
HIGH POC This Week

PassFab Excel Password Recovery 8.3.1 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow RCE +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 8.6
HIGH POC This Week

PassFab RAR Password Recovery 9.3.2 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow RCE +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 8.6
HIGH POC This Week

PDF Explorer 1.5.66.2 contains a structured exception handler (SEH) overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH records with malicious data. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow RCE +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 6.9
MEDIUM POC This Month

AnyBurn 4.3 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the image file name field. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 6.8
MEDIUM POC This Month

Excel Password Recovery Professional 8.2.0.0 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by supplying an excessively long string to the 'E-Mail. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 6.9
MEDIUM POC This Month

MegaPing contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload to the Destination Address List field in the Finger. Rated medium severity (CVSS 6.9), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Denial Of Service +1
NVD Exploit-DB
EPSS 0% CVSS 8.6
HIGH POC This Week

Nsauditor 3.0.28.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input to the DNS Lookup tool. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow RCE +1
NVD Exploit-DB VulDB
EPSS 0% CVSS 8.6
HIGH POC This Week

Boxoft wav-wma Converter 1.0 contains a local buffer overflow vulnerability in structured exception handling that allows attackers to execute arbitrary code by crafting malicious WAV files. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Microsoft +1
NVD Exploit-DB
EPSS 0% CVSS 8.5
HIGH POC This Week

Allok Video Splitter 3.1.1217 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service or execute arbitrary code by supplying an oversized string in the. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow RCE +2
NVD Exploit-DB VulDB
EPSS 2% CVSS 9.2
CRITICAL PATCH Act Now

Squid versions prior to 7.5 contain a heap use-after-free vulnerability (CWE-416) in ICP (Internet Cache Protocol) traffic handling that enables remote attackers to reliably trigger denial of service against affected proxy services. The vulnerability affects any Squid deployment with ICP support explicitly enabled via non-zero icp_port configuration, and cannot be mitigated through access control rules alone. A patch is available in version 7.5, and the vulnerability has been confirmed across multiple Debian releases and SUSE distributions.

Denial Of Service Use After Free Memory Corruption +1
NVD GitHub VulDB
EPSS 0% CVSS 8.5
HIGH POC PATCH This Week

cryptodev-linux 1.14 and earlier suffer from a use-after-free vulnerability in the /dev/crypto device driver that enables local privilege escalation through reference count manipulation. Attackers with local access can exploit this memory corruption flaw to gain elevated privileges on affected systems. Public exploit code exists for this vulnerability.

Privilege Escalation Use After Free Memory Corruption +1
NVD GitHub VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A use-after-free vulnerability exists in the Linux kernel's netfilter nf_tables flowtable implementation during error handling in the hook registration path. When hook registration fails (due to reaching maximum hook limits or hardware offload setup failures), the flowtable is not properly synchronized with RCU grace periods before being released, allowing concurrent packet processing or control plane operations (nfnetlink_hook) to access freed memory. This vulnerability affects all Linux kernel versions with the vulnerable nf_tables code and was discovered via KASAN reports during hook dumping operations; while not currently listed in known exploited vulnerabilities (KEV) databases, the use-after-free nature presents a real risk for denial of service or information disclosure in environments utilizing netfilter flowtables.

Linux Information Disclosure Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A buffer overflow vulnerability exists in the Linux kernel's dma_map_sg tracepoint that can be triggered when tracing large scatter-gather lists, particularly with devices like virtio-gpu that create large DRM buffers exceeding 1000 entries. The vulnerability affects all Linux kernel versions prior to the fix and can cause perf buffer overflow warnings and potential kernel instability when dynamic array allocations exceed PERF_MAX_TRACE_SIZE (8192 bytes). While this is a kernel-level issue requiring local access to trigger tracing functionality, it poses a denial-of-service risk and memory safety concern for systems using performance tracing on workloads with large scatter-gather operations.

Buffer Overflow Memory Corruption Linux +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A buffer overflow vulnerability exists in the Linux kernel's IFE (Intermediate Functional Element) traffic control action module where metadata list replacement incorrectly appends new metadata instead of replacing old entries, causing unbounded metadata accumulation. This affects all Linux kernel versions with the vulnerable IFE scheduling code (cpe:2.3:a:linux:linux). An attacker with the ability to modify traffic control rules can trigger an out-of-bounds write via the ife_tlv_meta_encode function, potentially achieving kernel memory corruption and denial of service. The vulnerability is not listed as actively exploited in public KEV databases, but patches are available across multiple stable kernel branches.

Linux Buffer Overflow Memory Corruption
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

This vulnerability is a race condition in the Linux kernel's PCI Designware endpoint driver where MSI-X interrupt writes to the host can complete after the corresponding Address Translation Unit (ATU) entry is unmapped, potentially corrupting host memory or triggering IOMMU errors. The vulnerability affects all Linux kernel versions with the vulnerable code path in the PCI DWC endpoint implementation (cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*), specifically impacting systems using PCI endpoint devices with MSI-X interrupt support such as NVMe-PCI endpoint function drivers. An attacker with the ability to trigger high-frequency MSI-X interrupts from a malicious endpoint device could exploit this race condition to cause denial of service through IOMMU faults or potentially corrupt host memory.

Linux Memory Corruption Buffer Overflow +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A stack-out-of-bounds write vulnerability exists in the Linux kernel's BPF devmap implementation where the get_upper_ifindexes() function iterates over upper network devices without properly validating buffer bounds. An attacker with the ability to create multiple virtual network devices (e.g., more than 8 macvlans) and trigger XDP packet processing with BPF_F_BROADCAST and BPF_F_EXCLUDE_INGRESS flags can write beyond allocated stack memory, potentially causing denial of service or arbitrary code execution. The vulnerability affects all Linux kernel versions using the vulnerable devmap code path and has been patched across multiple stable kernel branches, indicating recognition as a real security concern requiring immediate updates.

Linux Buffer Overflow Memory Corruption
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use-after-free in Linux kernel's netfilter nft_set_pipapo enables local privilege escalation to kernel-level access (confidentiality/integrity/availability compromise). Affects Linux kernel 5.6+ through multiple stable branches (6.1.x, 6.6.x, 6.12.x, 6.18.x, 6.19.x). Vendor patches available across all affected kernel series. EPSS score of 0.03% (9th percentile) indicates low automated exploitation likelihood, consistent with local-access requirement and lack of public exploit code at time of analysis.

Linux Denial Of Service Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A use-after-free vulnerability exists in the Linux kernel's crypto subsystem (CCP driver) within the sev_tsm_init_locked() function error path, where a pr_err() statement dereferences freed memory to access structure fields t->tio_en and t->tio_init_done after kfree(t) has been executed. This vulnerability can lead to information disclosure by reading freed memory contents. The issue affects Linux kernel versions across distributions using the affected CCP crypto driver code and was identified by the Smatch static analyzer.

Use After Free Memory Corruption Linux +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A memory corruption vulnerability exists in the Linux kernel's XDP (eXpress Data Path) subsystem where negative tailroom calculations are incorrectly reported as large unsigned integers, allowing buffer overflows during tail growth operations. This affects Linux kernel versions across multiple stable branches when certain Ethernet drivers (notably ixgbevf) report incorrect DMA write sizes, leading to heap corruption, segmentation faults, and general protection faults as demonstrated in the xskxceiver test utility. The vulnerability has no CVSS score assigned and shows no active KEV exploitation status, but represents a critical memory safety issue affecting systems using XDP with affected Ethernet drivers.

Linux Buffer Overflow Memory Corruption +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use-after-free in Linux kernel network traffic control subsystem allows local authenticated attackers to execute arbitrary code with high privileges when changing network queue pair configurations on lockless qdiscs (virtio-net confirmed affected). Race condition between qdisc_reset_all_tx_gt() and dequeue operations causes memory to be freed while still in use. Vendor-released patches available for stable kernel branches 6.1.167, 6.6.130, 6.12.77, 6.18.17, 6.19.7, and mainline 7.0-rc3. EPSS exploitation probability is low (0.02%, 7th percentile) and no active exploitation confirmed at time of analysis, though a reliable reproducer exists using iperf3 and ethtool queue manipulation.

Linux Information Disclosure Use After Free +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use-after-free in Linux kernel cfg80211 WiFi subsystem allows local authenticated users with low privileges to achieve high impact on confidentiality, integrity, and availability through rfkill work-queue exploitation. The vulnerability affects Linux kernel versions 2.6.31 through 6.19-rc2, with patches released for stable branches 6.1.167, 6.6.130, 6.12.77, 6.18.17, 6.19.7, and 7.0-rc2. EPSS score of 0.02% (7th percentile) indicates very low probability of mass exploitation. No CISA KEV listing or public exploit identified at time of analysis, though the issue was discovered via syzkaller fuzzing, demonstrating automated exploit development potential.

Linux Information Disclosure Use After Free +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

This vulnerability is a memory leak in the Linux kernel's AF_XDP socket implementation where buffers fail to be properly returned to the free list due to improper list node reinitialization. The vulnerability affects all Linux kernel versions with the AF_XDP subsystem enabled, potentially allowing local attackers or unprivileged users to exhaust kernel memory over time. While not actively exploited in the wild according to available intelligence, the vulnerability has clear patches available in stable kernel branches and represents a real denial-of-service risk for systems relying on XDP functionality.

Memory Corruption Buffer Overflow Linux +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The Apple Silicon SMC hwmon driver (macsmc-hwmon) in the Linux kernel contains critical memory safety bugs in sensor population and float conversion logic. Specifically, voltage sensors are incorrectly registered to the temperature sensor array, and float-to-32-bit conversion has flawed exponent handling, potentially leading to out-of-bounds memory access, data corruption, or incorrect fan control on affected Apple Silicon systems. The vulnerability affects Linux kernel versions with the macsmc-hwmon driver and has been patched; no active exploitation or POC is currently known, but the nature of the bugs suggests high real-world risk for systems relying on thermal management.

Linux Memory Corruption Apple +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A use-after-free and list corruption vulnerability exists in the Linux kernel's IPMI (Intelligent Platform Management Interface) subsystem when the SMI sender returns an error. The vulnerability affects all Linux kernel versions with the vulnerable IPMI code path, allowing local attackers or processes with IPMI access to trigger denial of service conditions through list corruption and NULL pointer dereferences. The vulnerability is not currently listed in CISA's KEV catalog, and no CVSS or EPSS scores have been published; however, the technical nature indicates high reliability for exploitation by local actors with kernel interface access.

Linux Use After Free Memory Corruption +1
NVD VulDB
Prev Page 19 of 170 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy