Vulnerability-Lookup

Vulnerability from cleanstart

Published

2026-06-08 14:00

Modified

2026-06-04 05:30

Summary

Security fixes for CVE-2026-0636, CVE-2026-3260, CVE-2026-33558, CVE-2026-33870, CVE-2026-33871, CVE-2026-3505, CVE-2026-35554, CVE-2026-41417, CVE-2026-42402, CVE-2026-42403, CVE-2026-42404, CVE-2026-42578, CVE-2026-42579, CVE-2026-42580, CVE-2026-42581, CVE-2026-42583, CVE-2026-42584, CVE-2026-42585, CVE-2026-42587, CVE-2026-5588, CVE-2026-5598, ghsa-287c-fxr7-3w6c, ghsa-2hfh-9h53-qc24, ghsa-38f8-5428-x5cv, ghsa-45q3-82m4-75jr, ghsa-57rv-r2g8-2cj3, ghsa-5qcv-4rpc-jp93, ghsa-72hv-8253-57qq, ghsa-c3fc-8qff-9hwx, ghsa-cj8j-37rh-8475, ghsa-cm33-6792-r9fm, ghsa-f6hv-jmp6-3vwv, ghsa-g36m-9g3m-2vmp, ghsa-m4cv-j2px-7723, ghsa-mj4r-2hfc-f8p6, ghsa-p93r-85wp-75v3, ghsa-pwqr-wmgm-9rr8, ghsa-v8h7-rr48-vmmv, ghsa-w9fj-cfpg-grvv, ghsa-wf66-mphr-4c4r, ghsa-wg6q-6289-32hp, ghsa-xxqh-mfjm-7mv9 applied in versions: 39.0.1-r0

Details

Multiple security vulnerabilities affect the wildfly package. These issues are resolved in later releases. See references for individual vulnerability details.

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2026-0636	WEB
	https://osv.dev/vulnerability/CVE-2026-3260	WEB
	https://osv.dev/vulnerability/CVE-2026-33558	WEB
	https://osv.dev/vulnerability/CVE-2026-33870	WEB
	https://osv.dev/vulnerability/CVE-2026-33871	WEB
	https://osv.dev/vulnerability/CVE-2026-3505	WEB
	https://osv.dev/vulnerability/CVE-2026-35554	WEB
	https://osv.dev/vulnerability/CVE-2026-41417	WEB
	https://osv.dev/vulnerability/CVE-2026-42402	WEB
	https://osv.dev/vulnerability/CVE-2026-42403	WEB
	https://osv.dev/vulnerability/CVE-2026-42404	WEB
	https://osv.dev/vulnerability/CVE-2026-42578	WEB
	https://osv.dev/vulnerability/CVE-2026-42579	WEB
	https://osv.dev/vulnerability/CVE-2026-42580	WEB
	https://osv.dev/vulnerability/CVE-2026-42581	WEB
	https://osv.dev/vulnerability/CVE-2026-42583	WEB
	https://osv.dev/vulnerability/CVE-2026-42584	WEB
	https://osv.dev/vulnerability/CVE-2026-42585	WEB
	https://osv.dev/vulnerability/CVE-2026-42587	WEB
	https://osv.dev/vulnerability/CVE-2026-5588	WEB
	https://osv.dev/vulnerability/CVE-2026-5598	WEB
	https://osv.dev/vulnerability/ghsa-287c-fxr7-3w6c	WEB
	https://osv.dev/vulnerability/ghsa-2hfh-9h53-qc24	WEB
	https://osv.dev/vulnerability/ghsa-38f8-5428-x5cv	WEB
	https://osv.dev/vulnerability/ghsa-45q3-82m4-75jr	WEB
	https://osv.dev/vulnerability/ghsa-57rv-r2g8-2cj3	WEB
	https://osv.dev/vulnerability/ghsa-5qcv-4rpc-jp93	WEB
	https://osv.dev/vulnerability/ghsa-72hv-8253-57qq	WEB
	https://osv.dev/vulnerability/ghsa-c3fc-8qff-9hwx	WEB
	https://osv.dev/vulnerability/ghsa-cj8j-37rh-8475	WEB
	https://osv.dev/vulnerability/ghsa-cm33-6792-r9fm	WEB
	https://osv.dev/vulnerability/ghsa-f6hv-jmp6-3vwv	WEB
	https://osv.dev/vulnerability/ghsa-g36m-9g3m-2vmp	WEB
	https://osv.dev/vulnerability/ghsa-m4cv-j2px-7723	WEB
	https://osv.dev/vulnerability/ghsa-mj4r-2hfc-f8p6	WEB
	https://osv.dev/vulnerability/ghsa-p93r-85wp-75v3	WEB
	https://osv.dev/vulnerability/ghsa-pwqr-wmgm-9rr8	WEB
	https://osv.dev/vulnerability/ghsa-v8h7-rr48-vmmv	WEB
	https://osv.dev/vulnerability/ghsa-w9fj-cfpg-grvv	WEB
	https://osv.dev/vulnerability/ghsa-wf66-mphr-4c4r	WEB
	https://osv.dev/vulnerability/ghsa-wg6q-6289-32hp	WEB
	https://osv.dev/vulnerability/ghsa-xxqh-mfjm-7mv9	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-0636	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-3260	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-33558	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-33870	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-33871	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-3505	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-35554	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-41417	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42402	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42403	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42404	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42578	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42579	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42580	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42581	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42583	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42584	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42585	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-42587	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-5588	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-5598	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "wildfly"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "39.0.1-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the wildfly package. These issues are resolved in later releases. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-RU36468",
  "modified": "2026-06-04T05:30:36Z",
  "published": "2026-06-08T14:00:50.454920Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-RU36468.json"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-0636"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-3260"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-33558"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-33870"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-33871"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-3505"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-35554"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-41417"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42402"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42403"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42404"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42578"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42579"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42580"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42581"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42583"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42584"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42585"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-42587"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-5588"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-5598"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-287c-fxr7-3w6c"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-2hfh-9h53-qc24"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-38f8-5428-x5cv"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-45q3-82m4-75jr"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-57rv-r2g8-2cj3"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-5qcv-4rpc-jp93"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-72hv-8253-57qq"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-c3fc-8qff-9hwx"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-cj8j-37rh-8475"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-cm33-6792-r9fm"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-f6hv-jmp6-3vwv"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-g36m-9g3m-2vmp"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-m4cv-j2px-7723"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-mj4r-2hfc-f8p6"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-p93r-85wp-75v3"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-pwqr-wmgm-9rr8"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-v8h7-rr48-vmmv"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-w9fj-cfpg-grvv"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-wf66-mphr-4c4r"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-wg6q-6289-32hp"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-xxqh-mfjm-7mv9"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0636"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3260"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33558"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33870"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33871"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3505"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35554"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41417"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42402"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42403"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42404"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42578"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42579"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42580"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42581"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42583"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42584"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42585"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42587"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5588"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5598"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "summary": "Security fixes for CVE-2026-0636, CVE-2026-3260, CVE-2026-33558, CVE-2026-33870, CVE-2026-33871, CVE-2026-3505, CVE-2026-35554, CVE-2026-41417, CVE-2026-42402, CVE-2026-42403, CVE-2026-42404, CVE-2026-42578, CVE-2026-42579, CVE-2026-42580, CVE-2026-42581, CVE-2026-42583, CVE-2026-42584, CVE-2026-42585, CVE-2026-42587, CVE-2026-5588, CVE-2026-5598, ghsa-287c-fxr7-3w6c, ghsa-2hfh-9h53-qc24, ghsa-38f8-5428-x5cv, ghsa-45q3-82m4-75jr, ghsa-57rv-r2g8-2cj3, ghsa-5qcv-4rpc-jp93, ghsa-72hv-8253-57qq, ghsa-c3fc-8qff-9hwx, ghsa-cj8j-37rh-8475, ghsa-cm33-6792-r9fm, ghsa-f6hv-jmp6-3vwv, ghsa-g36m-9g3m-2vmp, ghsa-m4cv-j2px-7723, ghsa-mj4r-2hfc-f8p6, ghsa-p93r-85wp-75v3, ghsa-pwqr-wmgm-9rr8, ghsa-v8h7-rr48-vmmv, ghsa-w9fj-cfpg-grvv, ghsa-wf66-mphr-4c4r, ghsa-wg6q-6289-32hp, ghsa-xxqh-mfjm-7mv9 applied in versions: 39.0.1-r0",
  "upstream": [
    "CVE-2026-0636",
    "CVE-2026-3260",
    "CVE-2026-33558",
    "CVE-2026-33870",
    "CVE-2026-33871",
    "CVE-2026-3505",
    "CVE-2026-35554",
    "CVE-2026-41417",
    "CVE-2026-42402",
    "CVE-2026-42403",
    "CVE-2026-42404",
    "CVE-2026-42578",
    "CVE-2026-42579",
    "CVE-2026-42580",
    "CVE-2026-42581",
    "CVE-2026-42583",
    "CVE-2026-42584",
    "CVE-2026-42585",
    "CVE-2026-42587",
    "CVE-2026-5588",
    "CVE-2026-5598",
    "ghsa-287c-fxr7-3w6c",
    "ghsa-2hfh-9h53-qc24",
    "ghsa-38f8-5428-x5cv",
    "ghsa-45q3-82m4-75jr",
    "ghsa-57rv-r2g8-2cj3",
    "ghsa-5qcv-4rpc-jp93",
    "ghsa-72hv-8253-57qq",
    "ghsa-c3fc-8qff-9hwx",
    "ghsa-cj8j-37rh-8475",
    "ghsa-cm33-6792-r9fm",
    "ghsa-f6hv-jmp6-3vwv",
    "ghsa-g36m-9g3m-2vmp",
    "ghsa-m4cv-j2px-7723",
    "ghsa-mj4r-2hfc-f8p6",
    "ghsa-p93r-85wp-75v3",
    "ghsa-pwqr-wmgm-9rr8",
    "ghsa-v8h7-rr48-vmmv",
    "ghsa-w9fj-cfpg-grvv",
    "ghsa-wf66-mphr-4c4r",
    "ghsa-wg6q-6289-32hp",
    "ghsa-xxqh-mfjm-7mv9"
  ]
}

CVE-2026-0636 (GCVE-0-2026-0636)

Vulnerability from cvelistv5 – Published: 2026-04-15 08:59 – Updated: 2026-05-18 23:20

Title

LDAP Injection Vulnerability in LDAPStoreHelper.java

Summary

Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (prov modules). This vulnerability is associated with program files LDAPStoreHelper. This issue affects BC-JAVA: from 1.74 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.

Severity

5.5 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/S:N/AU:Y/R:A/RE:M/U:Amber

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-90 - Improper neutralization of special elements used in an LDAP query ('LDAP injection')

Assigner

bcorg

References

2 references

URL	Tags
https://github.com/bcgit/bc-java/wiki/CVE%E2%80%9…	vendor-advisory
https://github.com/bcgit/bc-java/commit/d20cdb843…	patch

Impacted products

1 product

Vendor	Product	Version
Legion of the Bouncy Castle Inc.	BC-JAVA	Affected: 1.74 , < 1.80.2 (maven) Affected: 1.81 , < 1.81.1 (maven) Affected: 1.82 , < 1.84 (maven)

Credits

Prasanth Sundararajan (prasanth.srihari@gmail.com)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0636",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-15T13:12:14.838595Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-15T13:12:22.433Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.bouncycastle.org/download/bouncy-castle-java/",
          "defaultStatus": "unaffected",
          "modules": [
            "prov"
          ],
          "packageName": "bcprov",
          "platforms": [
            "all"
          ],
          "product": "BC-JAVA",
          "programFiles": [
            "LDAPStoreHelper"
          ],
          "repo": "https://github.com/bcgit/bc-java",
          "vendor": "Legion of the Bouncy Castle Inc.",
          "versions": [
            {
              "lessThan": "1.80.2",
              "status": "affected",
              "version": "1.74",
              "versionType": "maven"
            },
            {
              "lessThan": "1.81.1",
              "status": "affected",
              "version": "1.81",
              "versionType": "maven"
            },
            {
              "lessThan": "1.84",
              "status": "affected",
              "version": "1.82",
              "versionType": "maven"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Prasanth Sundararajan (prasanth.srihari@gmail.com)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper neutralization of special elements used in an LDAP query (\u0027LDAP injection\u0027) vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (prov modules).\u003cp\u003e This vulnerability is associated with program files LDAPStoreHelper.\u003c/p\u003e\u003cp\u003eThis issue affects BC-JAVA: from 1.74 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.\u003c/p\u003e"
            }
          ],
          "value": "Improper neutralization of special elements used in an LDAP query (\u0027LDAP injection\u0027) vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (prov modules).\n\n This vulnerability is associated with program files LDAPStoreHelper.\n\n\n\nThis issue affects BC-JAVA: from 1.74 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "AUTOMATIC",
            "Safety": "NEGLIGIBLE",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "PROOF_OF_CONCEPT",
            "privilegesRequired": "NONE",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/S:N/AU:Y/R:A/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-90",
              "description": "CWE-90 Improper neutralization of special elements used in an LDAP query (\u0027LDAP injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-18T23:20:07.728Z",
        "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "shortName": "bcorg"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%900636"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/bcgit/bc-java/commit/d20cdb8430e09224114fec0179a71859929fcbde"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "LDAP Injection Vulnerability in LDAPStoreHelper.java",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
    "assignerShortName": "bcorg",
    "cveId": "CVE-2026-0636",
    "datePublished": "2026-04-15T08:59:12.677Z",
    "dateReserved": "2026-01-06T03:18:21.572Z",
    "dateUpdated": "2026-05-18T23:20:07.728Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-3260 (GCVE-0-2026-3260)

Vulnerability from cvelistv5 – Published: 2026-03-24 04:11 – Updated: 2026-04-08 19:34

Title

Undertow: undertow: denial of service due to premature multipart/form-data parsing in get requests

Summary

A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP GET request containing multipart/form-data content. If the underlying application processes parameters using methods like `getParameterMap()`, the server prematurely parses and stores this content to disk. This could lead to resource exhaustion, potentially resulting in a Denial of Service (DoS).

Severity

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-770 - Allocation of Resources Without Limits or Throttling

Assigner

redhat

References

2 references

URL	Tags
https://access.redhat.com/security/cve/CVE-2026-3260	vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2443010	issue-trackingx_refsource_REDHAT

Impacted products

12 products

Vendor	Product	Version
Red Hat	Red Hat build of Apache Camel for Spring Boot 4	cpe:/a:redhat:camel_spring_boot:4
Red Hat	Red Hat build of Apache Camel - HawtIO 4	cpe:/a:redhat:apache_camel_hawtio:4
Red Hat	Red Hat Data Grid 8	cpe:/a:redhat:jboss_data_grid:8
Red Hat	Red Hat Enterprise Linux 10	cpe:/o:redhat:enterprise_linux:10
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9
Red Hat	Red Hat Fuse 7	cpe:/a:redhat:jboss_fuse:7
Red Hat	Red Hat JBoss Enterprise Application Platform 7	cpe:/a:redhat:jboss_enterprise_application_platform:7
Red Hat	Red Hat JBoss Enterprise Application Platform 8	cpe:/a:redhat:jboss_enterprise_application_platform:8
Red Hat	Red Hat JBoss Enterprise Application Platform Expansion Pack	cpe:/a:redhat:jbosseapxp
Red Hat	Red Hat Process Automation 7	cpe:/a:redhat:jboss_enterprise_bpms_platform:7
Red Hat	Red Hat Single Sign-On 7	cpe:/a:redhat:red_hat_single_sign_on:7

Date Public

2026-03-24 04:05

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-3260",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-26T12:31:14.446866Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-26T12:31:31.900Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:camel_spring_boot:4"
          ],
          "defaultStatus": "affected",
          "packageName": "undertow-core",
          "product": "Red Hat build of Apache Camel for Spring Boot 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:apache_camel_hawtio:4"
          ],
          "defaultStatus": "affected",
          "packageName": "undertow-core",
          "product": "Red Hat build of Apache Camel - HawtIO 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:jboss_data_grid:8"
          ],
          "defaultStatus": "affected",
          "packageName": "undertow-core",
          "product": "Red Hat Data Grid 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "moditect",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "pki-core:10.6/resteasy",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "pki-deps:10.6/resteasy",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "resteasy",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:jboss_fuse:7"
          ],
          "defaultStatus": "affected",
          "packageName": "undertow-core",
          "product": "Red Hat Fuse 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:jboss_enterprise_application_platform:7"
          ],
          "defaultStatus": "affected",
          "packageName": "undertow-core",
          "product": "Red Hat JBoss Enterprise Application Platform 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:jboss_enterprise_application_platform:8"
          ],
          "defaultStatus": "affected",
          "packageName": "org.jberet-jberet-parent",
          "product": "Red Hat JBoss Enterprise Application Platform 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:jboss_enterprise_application_platform:8"
          ],
          "defaultStatus": "affected",
          "packageName": "org.jboss.eap-jboss-eap-xp",
          "product": "Red Hat JBoss Enterprise Application Platform 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:jboss_enterprise_application_platform:8"
          ],
          "defaultStatus": "affected",
          "packageName": "undertow-core",
          "product": "Red Hat JBoss Enterprise Application Platform 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:jbosseapxp"
          ],
          "defaultStatus": "affected",
          "packageName": "org.jberet-jberet-parent",
          "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:jbosseapxp"
          ],
          "defaultStatus": "affected",
          "packageName": "org.jboss.eap-jboss-eap-xp",
          "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:jbosseapxp"
          ],
          "defaultStatus": "affected",
          "packageName": "undertow-core",
          "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
          ],
          "defaultStatus": "affected",
          "packageName": "undertow-core",
          "product": "Red Hat Process Automation 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:red_hat_single_sign_on:7"
          ],
          "defaultStatus": "affected",
          "packageName": "undertow-core",
          "product": "Red Hat Single Sign-On 7",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2026-03-24T04:05:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Undertow. A remote attacker could exploit this vulnerability by sending an HTTP GET request containing multipart/form-data content. If the underlying application processes parameters using methods like `getParameterMap()`, the server prematurely parses and stores this content to disk. This could lead to resource exhaustion, potentially resulting in a Denial of Service (DoS)."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T19:34:26.182Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2026-3260"
        },
        {
          "name": "RHBZ#2443010",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2443010"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-02-26T14:20:28.168Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2026-03-24T04:05:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Undertow: undertow: denial of service due to premature multipart/form-data parsing in get requests",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-770: Allocation of Resources Without Limits or Throttling"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2026-3260",
    "datePublished": "2026-03-24T04:11:16.085Z",
    "dateReserved": "2026-02-26T14:22:15.920Z",
    "dateUpdated": "2026-04-08T19:34:26.182Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-33558 (GCVE-0-2026-33558)

Vulnerability from cvelistv5 – Published: 2026-04-20 13:20 – Updated: 2026-04-20 14:20

Title

Apache Kafka, Apache Kafka Clients: Information Exposure Through Network Client Log Output

Summary

Information exposure vulnerability has been identified in Apache Kafka. The NetworkClient component will output entire requests and responses information in the DEBUG log level in the logs. By default, the log level is set to INFO level. If the DEBUG level is enabled, the sensitive information will be exposed via the requests and responses output log. The entire lists of impacted requests and responses are: * AlterConfigsRequest * AlterUserScramCredentialsRequest * ExpireDelegationTokenRequest * IncrementalAlterConfigsRequest * RenewDelegationTokenRequest * SaslAuthenticateRequest * createDelegationTokenResponse * describeDelegationTokenResponse * SaslAuthenticateResponse This issue affects Apache Kafka: from any version supported the listed API above through v3.9.1, v4.0.0. We advise the Kafka users to upgrade to v3.9.2, v4.0.1, or later to avoid this vulnerability.

Severity

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-533 - DEPRECATED: Information Exposure Through Server Log Files

Assigner

apache

References

3 references

URL	Tags
https://kafka.apache.org/cve-list	vendor-advisory
https://lists.apache.org/thread/pz5g4ky3h0k91tfd1…	mailing-list
http://www.openwall.com/lists/oss-security/2026/04/17/3

Impacted products

2 products

Vendor	Product	Version
Apache Software Foundation	Apache Kafka	Affected: 0.11.0 , ≤ 3.9.1 (semver) Affected: 4.0.0 (semver)
Apache Software Foundation	Apache Kafka Clients	Affected: 0.11.0 , ≤ 3.9.1 (semver) Affected: 4.0.0 (semver)

Credits

Alyssa Huang <ahuang@confluent.io> Luke Chen <showuon@gmail.com>

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2026-04-20T13:38:53.596Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/17/3"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-33558",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-20T14:20:28.073658Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-20T14:20:41.640Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Kafka",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "3.9.1",
              "status": "affected",
              "version": "0.11.0",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "4.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://repo.maven.apache.org/maven2",
          "defaultStatus": "unaffected",
          "packageName": "org.apache.kafka:kafka-clients",
          "product": "Apache Kafka Clients",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "3.9.1",
              "status": "affected",
              "version": "0.11.0",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "4.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Alyssa Huang \u003cahuang@confluent.io\u003e"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Luke Chen \u003cshowuon@gmail.com\u003e"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003eInformation exposure vulnerability has been identified in Apache Kafka.\u003c/div\u003e\u003cdiv\u003eThe NetworkClient component will output entire requests and responses information in the DEBUG log level in the logs. By default, the log level is set to INFO level. If the DEBUG level is enabled, the sensitive information will be exposed via the requests and responses output log. The entire lists of impacted requests and responses are:\u003c/div\u003e\u003cdiv\u003e\u003col\u003e\n\u003cli\u003eAlterConfigsRequest\u003c/li\u003e\n\u003cli\u003eAlterUserScramCredentialsRequest\u003c/li\u003e\n\u003cli\u003eExpireDelegationTokenRequest\u003c/li\u003e\n\u003cli\u003eIncrementalAlterConfigsRequest\u003c/li\u003e\n\u003cli\u003eRenewDelegationTokenRequest\u003c/li\u003e\n\u003cli\u003eSaslAuthenticateRequest\u003c/li\u003e\n\u003cli\u003ecreateDelegationTokenResponse\u003c/li\u003e\n\u003cli\u003edescribeDelegationTokenResponse\u003c/li\u003e\n\u003cli\u003eSaslAuthenticateResponse\u003c/li\u003e\n\u003c/ol\u003e\u003cbr\u003eThis issue affects Apache Kafka: from any version supported the listed API above through v3.9.1, v4.0.0. We advise the Kafka users to upgrade to v3.9.2, v4.0.1, or later to avoid this vulnerability.\u0026nbsp;\u0026nbsp;\u003cbr\u003e\u003cbr\u003e\u003c/div\u003e"
            }
          ],
          "value": "Information exposure vulnerability has been identified in Apache Kafka.\n\nThe NetworkClient component will output entire requests and responses information in the DEBUG log level in the logs. By default, the log level is set to INFO level. If the DEBUG level is enabled, the sensitive information will be exposed via the requests and responses output log. The entire lists of impacted requests and responses are:\n\n\n  *  AlterConfigsRequest\n\n  *  AlterUserScramCredentialsRequest\n\n  *  ExpireDelegationTokenRequest\n\n  *  IncrementalAlterConfigsRequest\n\n  *  RenewDelegationTokenRequest\n\n  *  SaslAuthenticateRequest\n\n  *  createDelegationTokenResponse\n\n  *  describeDelegationTokenResponse\n\n  *  SaslAuthenticateResponse\n\n\nThis issue affects Apache Kafka: from any version supported the listed API above through v3.9.1, v4.0.0. We advise the Kafka users to upgrade to v3.9.2, v4.0.1, or later to avoid this vulnerability."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-533",
              "description": "CWE-533 DEPRECATED: Information Exposure Through Server Log Files",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-20T13:20:38.059Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://kafka.apache.org/cve-list"
        },
        {
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread/pz5g4ky3h0k91tfd14p0dzqjp80960kl"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache Kafka, Apache Kafka Clients: Information Exposure Through Network Client Log Output",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2026-33558",
    "datePublished": "2026-04-20T13:20:38.059Z",
    "dateReserved": "2026-03-23T03:46:25.070Z",
    "dateUpdated": "2026-04-20T14:20:41.640Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-33870 (GCVE-0-2026-33870)

Vulnerability from cvelistv5 – Published: 2026-03-27 19:54 – Updated: 2026-03-31 13:55

Title

Netty: HTTP Request Smuggling via Chunked Extension Quoted-String Parsing

Summary

Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, Netty incorrectly parses quoted strings in HTTP/1.1 chunked transfer encoding extension values, enabling request smuggling attacks. Versions 4.1.132.Final and 4.2.10.Final fix the issue.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

SSVC

Exploitation: poc Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Assigner

GitHub_M

References

4 references

URL	Tags
https://github.com/netty/netty/security/advisorie…	x_refsource_CONFIRM
https://w4ke.info/2025/06/18/funky-chunks.html	x_refsource_MISC
https://w4ke.info/2025/10/29/funky-chunks-2.html	x_refsource_MISC
https://www.rfc-editor.org/rfc/rfc9110	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
netty	netty	Affected: < 4.1.132.Final Affected: >= 4.2.0.Alpha1, < 4.2.10.Final

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33870",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-31T13:55:28.970197Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-31T13:55:47.863Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "netty",
          "vendor": "netty",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 4.1.132.Final"
            },
            {
              "status": "affected",
              "version": "\u003e= 4.2.0.Alpha1, \u003c 4.2.10.Final"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, Netty incorrectly parses quoted strings in HTTP/1.1 chunked transfer encoding extension values, enabling request smuggling attacks. Versions 4.1.132.Final and 4.2.10.Final fix the issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-444",
              "description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-27T19:54:15.586Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8"
        },
        {
          "name": "https://w4ke.info/2025/06/18/funky-chunks.html",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://w4ke.info/2025/06/18/funky-chunks.html"
        },
        {
          "name": "https://w4ke.info/2025/10/29/funky-chunks-2.html",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://w4ke.info/2025/10/29/funky-chunks-2.html"
        },
        {
          "name": "https://www.rfc-editor.org/rfc/rfc9110",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.rfc-editor.org/rfc/rfc9110"
        }
      ],
      "source": {
        "advisory": "GHSA-pwqr-wmgm-9rr8",
        "discovery": "UNKNOWN"
      },
      "title": "Netty: HTTP Request Smuggling via Chunked Extension Quoted-String Parsing"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-33870",
    "datePublished": "2026-03-27T19:54:15.586Z",
    "dateReserved": "2026-03-24T15:10:05.678Z",
    "dateUpdated": "2026-03-31T13:55:47.863Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-33871 (GCVE-0-2026-33871)

Vulnerability from cvelistv5 – Published: 2026-03-27 19:55 – Updated: 2026-03-31 18:54

Title

Netty HTTP/2 CONTINUATION Frame Flood DoS via Zero-Byte Frame Bypass

Summary

Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, a remote user can trigger a Denial of Service (DoS) against a Netty HTTP/2 server by sending a flood of `CONTINUATION` frames. The server's lack of a limit on the number of `CONTINUATION` frames, combined with a bypass of existing size-based mitigations using zero-byte frames, allows an user to cause excessive CPU consumption with minimal bandwidth, rendering the server unresponsive. Versions 4.1.132.Final and 4.2.10.Final fix the issue.

Severity

8.7 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-770 - Allocation of Resources Without Limits or Throttling

Assigner

GitHub_M

References

1 reference

URL	Tags
https://github.com/netty/netty/security/advisorie…	x_refsource_CONFIRM

Impacted products

1 product

Vendor	Product	Version
netty	netty	Affected: < 4.1.132.Final Affected: >= 4.2.0.Alpha1, < 4.2.10.Final

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-33871",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-31T18:51:31.168118Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-31T18:54:19.771Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "netty",
          "vendor": "netty",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 4.1.132.Final"
            },
            {
              "status": "affected",
              "version": "\u003e= 4.2.0.Alpha1, \u003c 4.2.10.Final"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, a remote user can trigger a Denial of Service (DoS) against a Netty HTTP/2 server by sending a flood of `CONTINUATION` frames. The server\u0027s lack of a limit on the number of `CONTINUATION` frames, combined with a bypass of existing size-based mitigations using zero-byte frames, allows an user to cause excessive CPU consumption with minimal bandwidth, rendering the server unresponsive. Versions 4.1.132.Final and 4.2.10.Final fix the issue."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-27T19:55:23.135Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv"
        }
      ],
      "source": {
        "advisory": "GHSA-w9fj-cfpg-grvv",
        "discovery": "UNKNOWN"
      },
      "title": "Netty HTTP/2 CONTINUATION Frame Flood DoS via Zero-Byte Frame Bypass"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-33871",
    "datePublished": "2026-03-27T19:55:23.135Z",
    "dateReserved": "2026-03-24T15:10:05.679Z",
    "dateUpdated": "2026-03-31T18:54:19.771Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-3505 (GCVE-0-2026-3505)

Vulnerability from cvelistv5 – Published: 2026-04-15 09:06 – Updated: 2026-05-18 23:21

Title

Unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion.

Summary

Allocation of resources without limits or throttling, Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all (pg modules). This vulnerability is associated with program files AEADEncDataPacket.Java, BcAEADUtil.Java, JceAEADUtil.Java, OperatorHelper.Java. This issue affects BC-JAVA: from 1.74 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.

Severity

8.7 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-770 - Allocation of resources without limits or throttling
CWE-400 - Uncontrolled Resource Consumption

Assigner

bcorg

References

2 references

URL	Tags
https://github.com/bcgit/bc-java/wiki/CVE%E2%80%9…	vendor-advisory
https://github.com/bcgit/bc-java/commit/dc7530939…	patch

Impacted products

1 product

Vendor	Product	Version
Legion of the Bouncy Castle Inc.	BC-JAVA	Affected: 1.74 , < 1.80.2 (maven) Affected: 1.81 , < 1.81.1 (maven) Affected: 1.82 , < 1.84 (maven)

Credits

Disclosure <disclosure@aisle.com>

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-3505",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-15T13:10:48.791999Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-15T13:10:55.206Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.bouncycastle.org/download/bouncy-castle-java/",
          "defaultStatus": "unaffected",
          "modules": [
            "pg"
          ],
          "packageName": "bcpg",
          "platforms": [
            "all"
          ],
          "product": "BC-JAVA",
          "programFiles": [
            "AEADEncDataPacket.java",
            "BcAEADUtil.java",
            "JceAEADUtil.java",
            "OperatorHelper.java"
          ],
          "repo": "https://github.com/bcgit/bc-java",
          "vendor": "Legion of the Bouncy Castle Inc.",
          "versions": [
            {
              "lessThan": "1.80.2",
              "status": "affected",
              "version": "1.74",
              "versionType": "maven"
            },
            {
              "lessThan": "1.81.1",
              "status": "affected",
              "version": "1.81",
              "versionType": "maven"
            },
            {
              "lessThan": "1.84",
              "status": "affected",
              "version": "1.82",
              "versionType": "maven"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Disclosure \u003cdisclosure@aisle.com\u003e"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Allocation of resources without limits or throttling, Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all (pg modules).\u003cp\u003e This vulnerability is associated with program files AEADEncDataPacket.Java, BcAEADUtil.Java, JceAEADUtil.Java, OperatorHelper.Java.\u003c/p\u003e\u003cp\u003eThis issue affects BC-JAVA: from 1.74 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.\u003c/p\u003e"
            }
          ],
          "value": "Allocation of resources without limits or throttling, Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all (pg modules).\n\n This vulnerability is associated with program files AEADEncDataPacket.Java, BcAEADUtil.Java, JceAEADUtil.Java, OperatorHelper.Java.\n\n\n\nThis issue affects BC-JAVA: from 1.74 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770 Allocation of resources without limits or throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-18T23:21:21.526Z",
        "orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
        "shortName": "bcorg"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%903505"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/bcgit/bc-java/commit/dc7530939ffb6cdb57636f3609d98e23b94e71c1"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion.",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
    "assignerShortName": "bcorg",
    "cveId": "CVE-2026-3505",
    "datePublished": "2026-04-15T09:06:37.939Z",
    "dateReserved": "2026-03-04T00:44:50.028Z",
    "dateUpdated": "2026-05-18T23:21:21.526Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-35554 (GCVE-0-2026-35554)

Vulnerability from cvelistv5 – Published: 2026-04-07 13:07 – Updated: 2026-04-07 16:23

Title

Apache Kafka Clients: Kafka Producer Message Corruption and Misrouting via Buffer Pool Race Condition

Summary

A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics. When a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch’s ByteBuffer is prematurely deallocated and returned to the buffer pool. If a subsequent producer batch—potentially destined for a different topic—reuses this freed buffer before the original network request completes, the buffer contents may become corrupted. This can result in messages being delivered to unintended topics without any error being reported to the producer. Data Confidentiality: Messages intended for one topic may be delivered to a different topic, potentially exposing sensitive data to consumers who have access to the destination topic but not the intended source topic. Data Integrity: Consumers on the receiving topic may encounter unexpected or incompatible messages, leading to deserialization failures, processing errors, and corrupted downstream data. This issue affects Apache Kafka versions ≤ 3.9.1, ≤ 4.0.1, and ≤ 4.1.1. Kafka users are advised to upgrade to 3.9.2, 4.0.2, 4.1.2, 4.2.0, or later to address this vulnerability.

Severity

8.7 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-416 - Use After Free
CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Assigner

apache

References

3 references

URL	Tags
https://issues.apache.org/jira/browse/KAFKA-19012	issue-tracking
https://lists.apache.org/thread/f07x7j8ovyqhjd1to…	mailing-listvendor-advisory
http://www.openwall.com/lists/oss-security/2026/04/07/6

Impacted products

1 product

Vendor	Product	Version
Apache Software Foundation	Apache Kafka Clients	Affected: 2.8.0 , ≤ 3.9.1 (semver) Affected: 4.0.0 , ≤ 4.0.1 (semver) Affected: 4.1.0 , ≤ 4.1.1 (semver)

Credits

Bharath Vissapragada <bharathv@apache.org> Donny Nadolny <donny.nadolny@hotmail.com> Donny Nadolny <donny.nadolny@hotmail.com>

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 8.7,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "CHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-35554",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-07T13:57:17.254124Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-07T13:58:08.252Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2026-04-07T16:23:31.521Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/04/07/6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.maven.apache.org/maven2",
          "defaultStatus": "unaffected",
          "packageName": "org.apache.kafka:kafka-clients",
          "product": "Apache Kafka Clients",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "3.9.1",
              "status": "affected",
              "version": "2.8.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.0.1",
              "status": "affected",
              "version": "4.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.1.1",
              "status": "affected",
              "version": "4.1.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Bharath Vissapragada \u003cbharathv@apache.org\u003e"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Donny Nadolny \u003cdonny.nadolny@hotmail.com\u003e"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Donny Nadolny \u003cdonny.nadolny@hotmail.com\u003e"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003eA race condition in the \u003cstrong\u003eApache Kafka Java producer client\u2019s buffer pool management\u003c/strong\u003e can cause messages to be silently delivered to incorrect topics.\u003c/p\u003e\u003cp\u003eWhen a produce batch expires due to \u003ccode\u003edelivery.timeout.ms\u003c/code\u003e while a network request containing that batch is still in flight, the batch\u2019s \u003ccode\u003eByteBuffer\u003c/code\u003e is prematurely deallocated and returned to the buffer pool. If a subsequent producer batch\u2014potentially destined for a different topic\u2014reuses this freed buffer before the original network request completes, the buffer contents may become corrupted. This can result in messages being delivered to unintended topics without any error being reported to the producer.\u003cbr\u003e\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eData Confidentiality:\u003c/strong\u003e\u003cbr\u003eMessages intended for one topic may be delivered to a different topic, potentially exposing sensitive data to consumers who have access to the destination topic but not the intended source topic.\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eData Integrity:\u003c/strong\u003e\u003cbr\u003eConsumers on the receiving topic may encounter unexpected or incompatible messages, leading to deserialization failures, processing errors, and corrupted downstream data.\u003c/p\u003e\u003cp\u003eThis issue affects \u003cstrong\u003eApache Kafka versions \u2264 3.9.1, \u2264 4.0.1, and\u0026nbsp; \u2264 4.1.1\u003c/strong\u003e.\u003c/p\u003e\u003cp\u003eKafka users are advised to upgrade to \u003cstrong\u003e3.9.2, 4.0.2, 4.1.2, 4.2.0, or later\u003c/strong\u003e to address this vulnerability.\u003c/p\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
            }
          ],
          "value": "A race condition in the Apache Kafka Java producer client\u2019s buffer pool management can cause messages to be silently delivered to incorrect topics.\n\nWhen a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch\u2019s ByteBuffer is prematurely deallocated and returned to the buffer pool. If a subsequent producer batch\u2014potentially destined for a different topic\u2014reuses this freed buffer before the original network request completes, the buffer contents may become corrupted. This can result in messages being delivered to unintended topics without any error being reported to the producer.\n\n\nData Confidentiality:\nMessages intended for one topic may be delivered to a different topic, potentially exposing sensitive data to consumers who have access to the destination topic but not the intended source topic.\n\nData Integrity:\nConsumers on the receiving topic may encounter unexpected or incompatible messages, leading to deserialization failures, processing errors, and corrupted downstream data.\n\nThis issue affects Apache Kafka versions \u2264 3.9.1, \u2264 4.0.1, and\u00a0 \u2264 4.1.1.\n\nKafka users are advised to upgrade to 3.9.2, 4.0.2, 4.1.2, 4.2.0, or later to address this vulnerability."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416 Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-362",
              "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-07T13:07:08.679Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://issues.apache.org/jira/browse/KAFKA-19012"
        },
        {
          "tags": [
            "mailing-list",
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/f07x7j8ovyqhjd1to25jsnqbm6wj01d6"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Apache Kafka Clients: Kafka Producer Message Corruption and Misrouting via Buffer Pool Race Condition",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2026-35554",
    "datePublished": "2026-04-07T13:07:08.679Z",
    "dateReserved": "2026-04-03T11:08:30.442Z",
    "dateUpdated": "2026-04-07T16:23:31.521Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-41417 (GCVE-0-2026-41417)

Vulnerability from cvelistv5 – Published: 2026-05-06 20:52 – Updated: 2026-05-07 13:59

Title

Netty vulnerable to HTTP request smuggling and RTSP request injection via DefaultHttpRequest.setUri()

Summary

Netty allows request-line validation to be bypassed when a `DefaultHttpRequest` or `DefaultFullHttpRequest` is created first and its URI is later changed via `setUri()`. The constructors reject CRLF and whitespace characters that would break the start-line, but `setUri()` does not apply the same validation. `HttpRequestEncoder` and `RtspEncoder` then write the URI into the request line verbatim. If attacker-controlled input reaches `setUri()`, this enables CRLF injection and insertion of additional HTTP or RTSP requests, leading to HTTP request smuggling or desynchronization on the HTTP side and request injection on the RTSP side. This issue is fixed in versions 4.2.13.Final and 4.1.133.Final.

Severity

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

SSVC

Exploitation: poc Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')
CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Assigner

GitHub_M

References

1 reference

URL	Tags
https://github.com/netty/netty/security/advisorie…	x_refsource_CONFIRM

Impacted products

1 product

Vendor	Product	Version
netty	netty	Affected: >= 4.2.0.Alpha1, <= 4.2.12.Final Affected: <= 4.1.132.Final

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-41417",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-07T13:59:21.169996Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-07T13:59:59.536Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/netty/netty/security/advisories/GHSA-v8h7-rr48-vmmv"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "netty",
          "vendor": "netty",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 4.2.0.Alpha1, \u003c= 4.2.12.Final"
            },
            {
              "status": "affected",
              "version": "\u003c= 4.1.132.Final"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Netty allows request-line validation to be bypassed when a `DefaultHttpRequest` or `DefaultFullHttpRequest` is created first and its URI is later changed via `setUri()`. The constructors reject CRLF and whitespace characters that would break the start-line, but `setUri()` does not apply the same validation. `HttpRequestEncoder` and `RtspEncoder` then write the URI into the request line verbatim. If attacker-controlled input reaches `setUri()`, this enables CRLF injection and insertion of additional HTTP or RTSP requests, leading to HTTP request smuggling or desynchronization on the HTTP side and request injection on the RTSP side. This issue is fixed in versions 4.2.13.Final and 4.1.133.Final."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-93",
              "description": "CWE-93: Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-444",
              "description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-06T20:52:47.206Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/netty/netty/security/advisories/GHSA-v8h7-rr48-vmmv",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/netty/netty/security/advisories/GHSA-v8h7-rr48-vmmv"
        }
      ],
      "source": {
        "advisory": "GHSA-v8h7-rr48-vmmv",
        "discovery": "UNKNOWN"
      },
      "title": "Netty vulnerable to HTTP request smuggling and RTSP request injection via DefaultHttpRequest.setUri()"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-41417",
    "datePublished": "2026-05-06T20:52:47.206Z",
    "dateReserved": "2026-04-20T15:32:33.813Z",
    "dateUpdated": "2026-05-07T13:59:59.536Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42402 (GCVE-0-2026-42402)

Vulnerability from cvelistv5 – Published: 2026-05-01 08:54 – Updated: 2026-05-01 16:21

Title

Apache Neethi: Policy Normalization Unbounded Resource Allocation DoS

Summary

Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization. Specially crafted WS-Policy documents can trigger an exponential Cartesian cross-product expansion during the normalization process, causing unbounded memory allocation that exhausts the JVM heap. This occurs when the normalization process generates an excessive number of policy alternatives without bounds, leading to runtime memory exhaustion. Users should upgrade to 3.2.2 which limits the maximum number of normalized policy alternatives.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

apache

References

2 references

URL	Tags
https://lists.apache.org/thread/p826j0phhmr9f83wz…	vendor-advisory
http://www.openwall.com/lists/oss-security/2026/05/01/6

Impacted products

1 product

Vendor	Product	Version
Apache Software Foundation	Apache Neethi	Affected: 0 , < 3.2.2 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42402",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-01T13:19:29.068242Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-01T13:19:40.177Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2026-05-01T16:21:05.909Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.maven.apache.org/maven2",
          "defaultStatus": "unaffected",
          "packageName": "org.apache.neethi:neethi",
          "product": "Apache Neethi",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThan": "3.2.2",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization. Specially crafted WS-Policy documents can trigger an exponential Cartesian cross-product expansion during the normalization process, causing unbounded memory allocation that exhausts the JVM heap. This occurs when the normalization process generates an excessive number of policy alternatives without bounds, leading to runtime memory exhaustion.\u003cbr\u003e\u003cbr\u003eUsers should upgrade to 3.2.2 which limits the maximum number of normalized policy alternatives."
            }
          ],
          "value": "Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization. Specially crafted WS-Policy documents can trigger an exponential Cartesian cross-product expansion during the normalization process, causing unbounded memory allocation that exhausts the JVM heap. This occurs when the normalization process generates an excessive number of policy alternatives without bounds, leading to runtime memory exhaustion.\n\nUsers should upgrade to 3.2.2 which limits the maximum number of normalized policy alternatives."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-01T09:45:05.010Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/p826j0phhmr9f83wzpmys1y0bdfrr2q4"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache Neethi: Policy Normalization Unbounded Resource Allocation DoS",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2026-42402",
    "datePublished": "2026-05-01T08:54:41.427Z",
    "dateReserved": "2026-04-27T10:27:13.637Z",
    "dateUpdated": "2026-05-01T16:21:05.909Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-42403 (GCVE-0-2026-42403)

Vulnerability from cvelistv5 – Published: 2026-05-01 08:38 – Updated: 2026-05-01 16:21

Title

Apache Neethi: Circular Policy Reference Infinite Loop

Summary

Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references (where Policy A references Policy B which references Policy A), the policy normalization process can enter an infinite loop or cause excessive recursion, leading to a stack overflow or application hang. An attacker can craft malicious policy documents with circular references to cause a Denial of Service condition Users are recommended to upgrade to version 3.2.2, which fixes this issue.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

apache

References

2 references

URL	Tags
https://lists.apache.org/thread/zm6t8skkkskjwk188…	vendor-advisory
http://www.openwall.com/lists/oss-security/2026/05/01/7

Impacted products

1 product

Vendor	Product	Version
Apache Software Foundation	Apache Neethi	Affected: 0 , < 3.2.2 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-42403",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-01T13:24:54.889132Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-01T13:25:08.432Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2026-05-01T16:21:07.061Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/05/01/7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.maven.apache.org/maven2",
          "defaultStatus": "unaffected",
          "packageName": "org.apache.neethi:neethi",
          "product": "Apache Neethi",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThan": "3.2.2",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references (where Policy A references Policy B which references Policy A), the policy normalization process can enter an infinite loop or cause excessive recursion, leading to a stack overflow or application hang. An attacker can craft malicious policy documents with circular references to cause a Denial of Service condition\u003cbr\u003e\u003cbr\u003eUsers are recommended to upgrade to version 3.2.2, which fixes this issue."
            }
          ],
          "value": "Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references (where Policy A references Policy B which references Policy A), the policy normalization process can enter an infinite loop or cause excessive recursion, leading to a stack overflow or application hang. An attacker can craft malicious policy documents with circular references to cause a Denial of Service condition\n\nUsers are recommended to upgrade to version 3.2.2, which fixes this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-01T09:44:07.608Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/zm6t8skkkskjwk1881l4m4n0l7dqclzo"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache Neethi: Circular Policy Reference Infinite Loop",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2026-42403",
    "datePublished": "2026-05-01T08:38:16.035Z",
    "dateReserved": "2026-04-27T10:33:09.134Z",
    "dateUpdated": "2026-05-01T16:21:07.061Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

Vulnerability from cleanstart

CVE-2026-0636 (GCVE-0-2026-0636)

CVE-2026-3260 (GCVE-0-2026-3260)

CVE-2026-33558 (GCVE-0-2026-33558)

CVE-2026-33870 (GCVE-0-2026-33870)

CVE-2026-33871 (GCVE-0-2026-33871)

CVE-2026-3505 (GCVE-0-2026-3505)

CVE-2026-35554 (GCVE-0-2026-35554)

CVE-2026-41417 (GCVE-0-2026-41417)

CVE-2026-42402 (GCVE-0-2026-42402)

CVE-2026-42403 (GCVE-0-2026-42403)

Tags

Sightings

Nomenclature