CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.10)
In the Linux kernel, Bluetooth HCI UART driver vulnerabilities lead to Use-After-Free (UAF) and data races in close and init paths. Improper workqueue management and synchronization can cause dereference of freed memory.
In the Linux kernel io-wq subsystem, a missing check whether the list predecessor is hashed before using it to update the hash bucket tail pointer leads to a dangling pointer in hash_tail[]. After the non-hashed work is freed, the stale pointer can be dereferenced when enqueuing new hashed work, causing a use-after-free.
An 'Infinite Loop' vulnerability in the mod_proxy_ftp module of the Apache HTTP Server occurs when an attacker controls the backend FTP server. This issue affects versions from 2.4.0 through 2.4.67.
A Buffer Over-read vulnerability in Apache HTTP Server occurs when sending outbound OCSP requests to an attacker-controlled OCSP server. The issue affects versions from 2.4.0 through 2.4.67.
In versions prior to 3.1.2, FlowiseAI has a mass assignment vulnerability in the chatflow update endpoint. This allows authenticated users to modify internal attributes of a chatflow and reassign it to another workspace.
A heap-based buffer overflow vulnerability in Apache HTTP Server exists in the mod_xml2enc module when processing untrusted content via the xml2StartParse function. Affected versions are from 2.4.0 through 2.4.67.
A stack overflow was discovered in the list1 parameter of the fromDhcpListClient function in the Tenda FH451 V1.0.0.9 device. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
CVE-2026-34356 is a heap-based buffer overflow vulnerability in Apache HTTP Server that can be exploited by malicious backend servers and the ProxyPassReverseCookie function.
A buffer overflow in mod_proxy_html in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend.
Software running as a non-privileged user may conduct improper GPU system calls, leading to mismanagement of a mapping state for sparse memory allocation.
Software running as a non-privileged user may conduct improper GPU system calls, leading to kernel heap memory corruption.
A vulnerability was found in Tenda AC18 version 15.03.05.05, affecting the function sub_45304 in the file /goform/getRebootStatus of the Web Management Interface. Manipulation of the callback argument results in stack-based buffer overflow.
A vulnerability has been found in Tenda W20E version 15.11.0.6, affecting the modifyWifiFilterRules function in the /goform/modifyWifiFilterRules file of the Web Management Interface. Manipulation of the wifiFilterListRemark argument leads to stack-based buffer overflow.
A flaw has been found in Tenda W20E version 15.11.0.6 affecting the function formPortalAuth of the file /goform/PortalAuth in the Web Management Interface. Manipulating the argument gotoUrl can lead to stack-based buffer overflow.
A vulnerability was detected in Tenda W20E version 15.11.0.6, affecting the function formSetPortMirror in the file /goform/setPortMirror. Manipulating the argument portMirrorMirroredPorts results in a stack-based buffer overflow.
Routinator crashes when it encounters a file via RRDP using a specifically crafted Document Type Definition.
CVE-2026-49234 vulnerability causes Routinator to crash when a specifically crafted non-UTF-8 string is sent as the select-asn query parameter to the /api/v1/origins endpoint.
Routinator does not properly check the module component of rsync URIs, allowing for path traversal. An attacker can exploit a module name containing '..', potentially gaining access to the entire Routinator rsync cache.
Routinator exits on any error when accepting incoming HTTP or RTR connections, including recoverable errors like running out of file descriptors. This condition can be maliciously triggered by an attacker by opening a large number of connections to the HTTP or RTR server.
A vulnerability in the gun_http module of ninenines allows a malicious HTTP server to force the client into raw protocol mode via an unsolicited 101 Switching Protocols response. The lack of proper checks in the handle_inform/8 function enables this behavior.

