Common Weakness Enumeration

CWE-404

Allowed-with-Review

Improper Resource Shutdown or Release

Abstraction: Class · Status: Draft

The product does not release or incorrectly releases a resource before it is made available for re-use.

1219 vulnerabilities reference this CWE, most recent first.

CVE-2026-14623 (GCVE-0-2026-14623)

Vulnerability from cvelistv5 – Published: 2026-07-04 09:45 – Updated: 2026-07-06 15:01 X_Open Source
VLAI
Title
omec-project amf NGAP Message RRCInactiveTransitionReport denial of service
Summary
A vulnerability was determined in omec-project amf up to 2.1.1. This issue affects the function RRCInactiveTransitionReport of the component NGAP Message Handler. Executing a manipulation can lead to denial of service. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. This patch is called 34bc6724acc97dba1f8691e586da95b042cb612d. A patch should be applied to remediate this issue.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
omec-project amf Affected: 2.1.0
Affected: 2.1.1
    cpe:2.3:a:omec-project:amf:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
shovon0203 (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-14623",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-06T15:01:41.287499Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-06T15:01:50.499Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:omec-project:amf:*:*:*:*:*:*:*:*"
          ],
          "modules": [
            "NGAP Message Handler"
          ],
          "product": "amf",
          "vendor": "omec-project",
          "versions": [
            {
              "status": "affected",
              "version": "2.1.0"
            },
            {
              "status": "affected",
              "version": "2.1.1"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "shovon0203 (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was determined in omec-project amf up to 2.1.1. This issue affects the function RRCInactiveTransitionReport of the component NGAP Message Handler. Executing a manipulation can lead to denial of service. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. This patch is called 34bc6724acc97dba1f8691e586da95b042cb612d. A patch should be applied to remediate this issue."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 4,
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "Denial of Service",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-04T09:45:10.403Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-376139 | omec-project amf NGAP Message RRCInactiveTransitionReport denial of service",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/vuln/376139"
        },
        {
          "name": "VDB-376139 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/376139/cti"
        },
        {
          "name": "CVE-2026-14623 | CVE Analysis and Report",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/cve/CVE-2026-14623"
        },
        {
          "name": "Submit #845348 | Linux Foundation Projects SD-Core 2.1.1 Memory Corruption",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/845348"
        },
        {
          "tags": [
            "exploit",
            "issue-tracking"
          ],
          "url": "https://github.com/omec-project/amf/issues/676"
        },
        {
          "tags": [
            "issue-tracking",
            "patch"
          ],
          "url": "https://github.com/omec-project/amf/pull/666"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/omec-project/amf/commit/34bc6724acc97dba1f8691e586da95b042cb612d"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://github.com/omec-project/amf/"
        }
      ],
      "tags": [
        "x_open-source"
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-07-03T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-07-03T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-07-03T19:06:10.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "omec-project amf NGAP Message RRCInactiveTransitionReport denial of service"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-14623",
    "datePublished": "2026-07-04T09:45:10.403Z",
    "dateReserved": "2026-07-03T17:01:00.787Z",
    "dateUpdated": "2026-07-06T15:01:50.499Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-14618 (GCVE-0-2026-14618)

Vulnerability from cvelistv5 – Published: 2026-07-04 06:00 – Updated: 2026-07-06 17:11 X_Open Source
VLAI
Title
Open5GS AMF nnrf-handler.c amf_nnrf_handle_nf_discover denial of service
Summary
A vulnerability was detected in Open5GS up to 2.7.7. Affected by this vulnerability is the function amf_nnrf_handle_nf_discover of the file src/amf/nnrf-handler.c of the component AMF. The manipulation results in denial of service. The attack may be launched remotely. The exploit is now public and may be used. The patch is identified as fb5f67703de0213fb9c6e6ef3b48b6c1707e9503. It is best practice to apply a patch to resolve this issue.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
n/a Open5GS Affected: 2.7.0
Affected: 2.7.1
Affected: 2.7.2
Affected: 2.7.3
Affected: 2.7.4
Affected: 2.7.5
Affected: 2.7.6
Affected: 2.7.7
    cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*
Credits
insengen (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-14618",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-06T17:11:24.257381Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-06T17:11:44.913Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*"
          ],
          "modules": [
            "AMF"
          ],
          "product": "Open5GS",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "2.7.0"
            },
            {
              "status": "affected",
              "version": "2.7.1"
            },
            {
              "status": "affected",
              "version": "2.7.2"
            },
            {
              "status": "affected",
              "version": "2.7.3"
            },
            {
              "status": "affected",
              "version": "2.7.4"
            },
            {
              "status": "affected",
              "version": "2.7.5"
            },
            {
              "status": "affected",
              "version": "2.7.6"
            },
            {
              "status": "affected",
              "version": "2.7.7"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "insengen (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was detected in Open5GS up to 2.7.7. Affected by this vulnerability is the function amf_nnrf_handle_nf_discover of the file src/amf/nnrf-handler.c of the component AMF. The manipulation results in denial of service. The attack may be launched remotely. The exploit is now public and may be used. The patch is identified as fb5f67703de0213fb9c6e6ef3b48b6c1707e9503. It is best practice to apply a patch to resolve this issue."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 4,
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "Denial of Service",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-04T06:00:09.970Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-376135 | Open5GS AMF nnrf-handler.c amf_nnrf_handle_nf_discover denial of service",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/vuln/376135"
        },
        {
          "name": "VDB-376135 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/376135/cti"
        },
        {
          "name": "CVE-2026-14618 | CVE Analysis and Report",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/cve/CVE-2026-14618"
        },
        {
          "name": "Submit #844824 | Open5GS 2.7.7 Denial of Service",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/844824"
        },
        {
          "tags": [
            "exploit",
            "issue-tracking"
          ],
          "url": "https://github.com/open5gs/open5gs/issues/4517"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/open5gs/open5gs/issues/4517#issuecomment-4589606265"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/ferrancanellas/open5gs/commit/fb5f67703de0213fb9c6e6ef3b48b6c1707e9503"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://github.com/open5gs/open5gs/"
        }
      ],
      "tags": [
        "x_open-source"
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-07-03T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-07-03T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-07-03T18:41:24.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "Open5GS AMF nnrf-handler.c amf_nnrf_handle_nf_discover denial of service"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-14618",
    "datePublished": "2026-07-04T06:00:09.970Z",
    "dateReserved": "2026-07-03T16:36:17.574Z",
    "dateUpdated": "2026-07-06T17:11:44.913Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-13523 (GCVE-0-2026-13523)

Vulnerability from cvelistv5 – Published: 2026-06-29 01:30 – Updated: 2026-06-29 12:58 X_Open Source
VLAI
Title
GPAC ISOBMFF base_encoding.c data amplification
Summary
A weakness has been identified in GPAC up to 26.02.0. This affects an unknown part of the file src/utils/base_encoding.c of the component ISOBMFF Parser. Executing a manipulation can lead to highly compressed data. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. This patch is called 297f2d8d1f493d8b241330533cd47f7da758aeb3. A patch should be applied to remediate this issue. The vendor confirms: "We added a check on inflate output size, if it surpasses 32 times the input size we stop in error. This value could be adjusted later."
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
n/a GPAC Affected: 26.02
    cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*
Credits
Fantasy (VulDB User) VulDB CNA Team
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-13523",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-29T12:58:45.988130Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-29T12:58:52.866Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*"
          ],
          "modules": [
            "ISOBMFF Parser"
          ],
          "product": "GPAC",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "26.02"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Fantasy (VulDB User)"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "VulDB CNA Team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A weakness has been identified in GPAC up to 26.02.0. This affects an unknown part of the file src/utils/base_encoding.c of the component ISOBMFF Parser. Executing a manipulation can lead to highly compressed data. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. This patch is called 297f2d8d1f493d8b241330533cd47f7da758aeb3. A patch should be applied to remediate this issue. The vendor confirms: \"We added a check on inflate output size, if it surpasses 32 times the input size we stop in error. This value could be adjusted later.\""
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 1.7,
            "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-409",
              "description": "Highly Compressed Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "Denial of Service",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-29T01:30:08.539Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-374531 | GPAC ISOBMFF base_encoding.c data amplification",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/vuln/374531"
        },
        {
          "name": "VDB-374531 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/374531/cti"
        },
        {
          "name": "CVE-2026-13523 | CVE Analysis and Report",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/cve/CVE-2026-13523"
        },
        {
          "name": "Submit #840159 | GPAC \u003c= 26.02.0 Uncontrolled Resource Consumption",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/840159"
        },
        {
          "tags": [
            "exploit",
            "issue-tracking"
          ],
          "url": "https://github.com/gpac/gpac/issues/3588"
        },
        {
          "tags": [
            "issue-tracking",
            "patch"
          ],
          "url": "https://github.com/gpac/gpac/pull/3589"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/gpac/gpac/commit/297f2d8d1f493d8b241330533cd47f7da758aeb3"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://github.com/gpac/gpac/"
        }
      ],
      "tags": [
        "x_open-source"
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-06-28T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-06-28T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-06-28T09:52:25.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "GPAC ISOBMFF base_encoding.c data amplification"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-13523",
    "datePublished": "2026-06-29T01:30:08.539Z",
    "dateReserved": "2026-06-28T07:47:20.977Z",
    "dateUpdated": "2026-06-29T12:58:52.866Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-13491 (GCVE-0-2026-13491)

Vulnerability from cvelistv5 – Published: 2026-06-28 11:15 – Updated: 2026-06-29 12:29 X_Open Source
VLAI
Title
78 xiaozhi-esp32 MQTT Goodbye mqtt_protocol.cc GetInstance denial of service
Summary
A vulnerability was detected in 78 xiaozhi-esp32 up to 2.2.6. This vulnerability affects the function Application::GetInstance of the file main/protocols/mqtt_protocol.cc of the component MQTT Goodbye Handler. Performing a manipulation of the argument session_id results in denial of service. The attack is possible to be carried out remotely. The complexity of an attack is rather high. It is stated that the exploitability is difficult. The exploit is now public and may be used. The patch is named e182471f8c5a22434346bd98da34d3b66c8c8b3e. It is recommended to apply a patch to fix this issue.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
78 xiaozhi-esp32 Affected: 2.2.0
Affected: 2.2.1
Affected: 2.2.2
Affected: 2.2.3
Affected: 2.2.4
Affected: 2.2.5
Affected: 2.2.6
    cpe:2.3:a:78:xiaozhi-esp32:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
dem0000 (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-13491",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-29T12:28:44.324743Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-29T12:29:15.720Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:78:xiaozhi-esp32:*:*:*:*:*:*:*:*"
          ],
          "modules": [
            "MQTT Goodbye Handler"
          ],
          "product": "xiaozhi-esp32",
          "vendor": "78",
          "versions": [
            {
              "status": "affected",
              "version": "2.2.0"
            },
            {
              "status": "affected",
              "version": "2.2.1"
            },
            {
              "status": "affected",
              "version": "2.2.2"
            },
            {
              "status": "affected",
              "version": "2.2.3"
            },
            {
              "status": "affected",
              "version": "2.2.4"
            },
            {
              "status": "affected",
              "version": "2.2.5"
            },
            {
              "status": "affected",
              "version": "2.2.6"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "dem0000 (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was detected in 78 xiaozhi-esp32 up to 2.2.6. This vulnerability affects the function Application::GetInstance of the file main/protocols/mqtt_protocol.cc of the component MQTT Goodbye Handler. Performing a manipulation of the argument session_id results in denial of service. The attack is possible to be carried out remotely. The complexity of an attack is rather high. It is stated that the exploitability is difficult. The exploit is now public and may be used. The patch is named e182471f8c5a22434346bd98da34d3b66c8c8b3e. It is recommended to apply a patch to fix this issue."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 2.6,
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "Denial of Service",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-28T11:15:10.481Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-374488 | 78 xiaozhi-esp32 MQTT Goodbye mqtt_protocol.cc GetInstance denial of service",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/vuln/374488"
        },
        {
          "name": "VDB-374488 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/374488/cti"
        },
        {
          "name": "CVE-2026-13491 | CVE Analysis and Report",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/cve/CVE-2026-13491"
        },
        {
          "name": "Submit #838439 | 78 xiaozhi-esp32 2aeecd4e014780ac15cfa4866906cca16267010d Denial of Service",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/838439"
        },
        {
          "tags": [
            "exploit",
            "issue-tracking"
          ],
          "url": "https://github.com/78/xiaozhi-esp32/issues/2022"
        },
        {
          "tags": [
            "issue-tracking",
            "patch"
          ],
          "url": "https://github.com/78/xiaozhi-esp32/pull/2023"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/78/xiaozhi-esp32/commit/e182471f8c5a22434346bd98da34d3b66c8c8b3e"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://github.com/78/xiaozhi-esp32/"
        }
      ],
      "tags": [
        "x_open-source"
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-06-27T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-06-27T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-06-27T18:09:19.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "78 xiaozhi-esp32 MQTT Goodbye mqtt_protocol.cc GetInstance denial of service"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-13491",
    "datePublished": "2026-06-28T11:15:10.481Z",
    "dateReserved": "2026-06-27T16:04:15.073Z",
    "dateUpdated": "2026-06-29T12:29:15.720Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-12575 (GCVE-0-2026-12575)

Vulnerability from cvelistv5 – Published: 2026-07-01 06:55 – Updated: 2026-07-01 12:22
VLAI
Title
DVP80ES3 Improper Resource Shutdown or Release Vulnerability
Summary
DVP80ES3 with  Improper Resource Shutdown or Release vulnerability.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-404 - Improper Resource Shutdown or Release
Assigner
Impacted products
Vendor Product Version
deltaww DVP80ES3 Affected: 0 , ≤ 1.06.00 (custom)
Create a notification for this product.
Date Public
2026-07-01 06:43
Credits
Qian Zou, Ke Xu, Xuewei Feng, Qi Li, Xueying Li, and Gang Jin from Zhongguancun Laboratory
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-12575",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-01T12:22:18.661817Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-01T12:22:28.713Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "DVP80ES3",
          "vendor": "deltaww",
          "versions": [
            {
              "lessThanOrEqual": "1.06.00",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:deltaww:dvp80es3:*:*:*:*:*:*:*:*",
                  "versionEndIncluding": "1.06.00",
                  "versionStartIncluding": "0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Qian Zou, Ke Xu, Xuewei Feng, Qi Li, Xueying Li, and Gang Jin from Zhongguancun Laboratory"
        }
      ],
      "datePublic": "2026-07-01T06:43:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "DVP80ES3 with\u0026nbsp;\nImproper Resource Shutdown or Release vulnerability."
            }
          ],
          "value": "DVP80ES3 with\u00a0\nImproper Resource Shutdown or Release vulnerability."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-119",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-119: Deplete Resources"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "CWE-404: Improper Resource Shutdown or Release",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-01T06:55:18.417Z",
        "orgId": "759f5e80-c8e1-4224-bead-956d7b33c98b",
        "shortName": "Deltaww"
      },
      "references": [
        {
          "url": "https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2026-00009_DVP80ES3%20Multiple%20Vulnerabilities_v1%20(CVE-2026-12575,%2012576,%2012577).pdf"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Users are recommended to update the device firmware to v01.08.10 or later."
            }
          ],
          "value": "Users are recommended to update the device firmware to v01.08.10 or later."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "DVP80ES3 Improper Resource Shutdown or Release Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "759f5e80-c8e1-4224-bead-956d7b33c98b",
    "assignerShortName": "Deltaww",
    "cveId": "CVE-2026-12575",
    "datePublished": "2026-07-01T06:55:18.417Z",
    "dateReserved": "2026-06-18T05:22:51.481Z",
    "dateUpdated": "2026-07-01T12:22:28.713Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-11317 (GCVE-0-2026-11317)

Vulnerability from cvelistv5 – Published: 2026-06-16 13:10 – Updated: 2026-06-16 15:20
VLAI
Title
Rockwell Automation Logix 5370 and 5570 Controllers Vulnerable To Denial of Service Via CIP
Summary
A denial of service security issue exists in the affected product. The security issue stems from a fault occurring when a crafted CIP message is sent. Devices with less memory are more likely to be affected. This can result in a major nonrecoverable fault (MNRF). A program download is required to recover.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-404 - Improper Resource Shutdown or Release
Assigner
Impacted products
Vendor Product Version
Rockwell Automation CompactLogix, ControlLogix Affected: Versions prior to 34.016
Affected: Versions prior to 35.015
Affected: Versions prior to 36.012
Create a notification for this product.
Date Public
2026-06-16 13:04
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-11317",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-16T15:20:28.009227Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-16T15:20:36.449Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "CompactLogix, ControlLogix",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "Versions prior to 34.016"
            },
            {
              "status": "affected",
              "version": "Versions prior to 35.015"
            },
            {
              "status": "affected",
              "version": "Versions prior to 36.012"
            }
          ]
        }
      ],
      "datePublic": "2026-06-16T13:04:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A denial of service security issue exists in the\naffected product. The security issue stems from a fault occurring when a\ncrafted CIP message is sent. Devices with less memory are more likely to be\naffected. This can result in a major nonrecoverable fault (MNRF). A program\ndownload is required to recover."
            }
          ],
          "value": "A denial of service security issue exists in the\naffected product. The security issue stems from a fault occurring when a\ncrafted CIP message is sent. Devices with less memory are more likely to be\naffected. This can result in a major nonrecoverable fault (MNRF). A program\ndownload is required to recover."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "CWE-404: Improper Resource Shutdown or Release",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-16T13:10:19.255Z",
        "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "shortName": "Rockwell"
      },
      "references": [
        {
          "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1772.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Upgrade to\u0026nbsp;\u003cbr\u003eVersion 34.016 and later\u003cdiv\u003eVersion 35.015 and later\u003cbr\u003eVersion 36.012 and later\u003cbr\u003e\u003cp\u003eVersion\n37.011 and later\u003c/p\u003e\u003c/div\u003e"
            }
          ],
          "value": "Upgrade to\u00a0\nVersion 34.016 and laterVersion 35.015 and later\nVersion 36.012 and later\n\n\nVersion\n37.011 and later"
        }
      ],
      "source": {
        "advisory": "SD1772",
        "discovery": "INTERNAL"
      },
      "title": "Rockwell Automation Logix 5370 and 5570 Controllers Vulnerable To Denial of Service Via CIP",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
    "assignerShortName": "Rockwell",
    "cveId": "CVE-2026-11317",
    "datePublished": "2026-06-16T13:10:19.255Z",
    "dateReserved": "2026-06-04T19:20:43.192Z",
    "dateUpdated": "2026-06-16T15:20:36.449Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-11312 (GCVE-0-2026-11312)

Vulnerability from cvelistv5 – Published: 2026-06-05 00:30 – Updated: 2026-06-05 13:12
VLAI
Title
bytedance InfiniStore KV Map infinistore.h purge_kv_map algorithmic complexity
Summary
A vulnerability was found in bytedance InfiniStore up to 0.2.33. The impacted element is the function purge_kv_map in the library /src/infinistore.h of the component KV Map Handler. Performing a manipulation results in inefficient algorithmic complexity. The attack requires a local approach. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-407 - Inefficient Algorithmic Complexity
  • CWE-404 - Denial of Service
Assigner
References
URL Tags
https://vuldb.com/vuln/368398 vdb-entrytechnical-description
https://vuldb.com/vuln/368398/cti signaturepermissions-required
https://vuldb.com/cve/CVE-2026-11312 third-party-advisory
https://vuldb.com/submit/832348 third-party-advisory
https://github.com/bytedance/InfiniStore/issues/200 exploitissue-tracking
https://github.com/bytedance/InfiniStore/ product
Impacted products
Vendor Product Version
bytedance InfiniStore Affected: 0.2.0
Affected: 0.2.1
Affected: 0.2.2
Affected: 0.2.3
Affected: 0.2.4
Affected: 0.2.5
Affected: 0.2.6
Affected: 0.2.7
Affected: 0.2.8
Affected: 0.2.9
Affected: 0.2.10
Affected: 0.2.11
Affected: 0.2.12
Affected: 0.2.13
Affected: 0.2.14
Affected: 0.2.15
Affected: 0.2.16
Affected: 0.2.17
Affected: 0.2.18
Affected: 0.2.19
Affected: 0.2.20
Affected: 0.2.21
Affected: 0.2.22
Affected: 0.2.23
Affected: 0.2.24
Affected: 0.2.25
Affected: 0.2.26
Affected: 0.2.27
Affected: 0.2.28
Affected: 0.2.29
Affected: 0.2.30
Affected: 0.2.31
Affected: 0.2.32
Affected: 0.2.33
    cpe:2.3:a:bytedance:infinistore:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Dem00 (VulDB User) VulDB CNA Team
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-11312",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-05T13:12:38.127231Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-05T13:12:50.570Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:bytedance:infinistore:*:*:*:*:*:*:*:*"
          ],
          "modules": [
            "KV Map Handler"
          ],
          "product": "InfiniStore",
          "vendor": "bytedance",
          "versions": [
            {
              "status": "affected",
              "version": "0.2.0"
            },
            {
              "status": "affected",
              "version": "0.2.1"
            },
            {
              "status": "affected",
              "version": "0.2.2"
            },
            {
              "status": "affected",
              "version": "0.2.3"
            },
            {
              "status": "affected",
              "version": "0.2.4"
            },
            {
              "status": "affected",
              "version": "0.2.5"
            },
            {
              "status": "affected",
              "version": "0.2.6"
            },
            {
              "status": "affected",
              "version": "0.2.7"
            },
            {
              "status": "affected",
              "version": "0.2.8"
            },
            {
              "status": "affected",
              "version": "0.2.9"
            },
            {
              "status": "affected",
              "version": "0.2.10"
            },
            {
              "status": "affected",
              "version": "0.2.11"
            },
            {
              "status": "affected",
              "version": "0.2.12"
            },
            {
              "status": "affected",
              "version": "0.2.13"
            },
            {
              "status": "affected",
              "version": "0.2.14"
            },
            {
              "status": "affected",
              "version": "0.2.15"
            },
            {
              "status": "affected",
              "version": "0.2.16"
            },
            {
              "status": "affected",
              "version": "0.2.17"
            },
            {
              "status": "affected",
              "version": "0.2.18"
            },
            {
              "status": "affected",
              "version": "0.2.19"
            },
            {
              "status": "affected",
              "version": "0.2.20"
            },
            {
              "status": "affected",
              "version": "0.2.21"
            },
            {
              "status": "affected",
              "version": "0.2.22"
            },
            {
              "status": "affected",
              "version": "0.2.23"
            },
            {
              "status": "affected",
              "version": "0.2.24"
            },
            {
              "status": "affected",
              "version": "0.2.25"
            },
            {
              "status": "affected",
              "version": "0.2.26"
            },
            {
              "status": "affected",
              "version": "0.2.27"
            },
            {
              "status": "affected",
              "version": "0.2.28"
            },
            {
              "status": "affected",
              "version": "0.2.29"
            },
            {
              "status": "affected",
              "version": "0.2.30"
            },
            {
              "status": "affected",
              "version": "0.2.31"
            },
            {
              "status": "affected",
              "version": "0.2.32"
            },
            {
              "status": "affected",
              "version": "0.2.33"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Dem00 (VulDB User)"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "VulDB CNA Team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in bytedance InfiniStore up to 0.2.33. The impacted element is the function purge_kv_map in the library /src/infinistore.h of the component KV Map Handler. Performing a manipulation results in inefficient algorithmic complexity. The attack requires a local approach. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 1.7,
            "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-407",
              "description": "Inefficient Algorithmic Complexity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "Denial of Service",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-05T00:30:14.091Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-368398 | bytedance InfiniStore KV Map infinistore.h purge_kv_map algorithmic complexity",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/vuln/368398"
        },
        {
          "name": "VDB-368398 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/368398/cti"
        },
        {
          "name": "CVE-2026-11312 | CVE Analysis and Report",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/cve/CVE-2026-11312"
        },
        {
          "name": "Submit #832348 | bytedance InfiniStore 0.2.33 Denial of Service",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/832348"
        },
        {
          "tags": [
            "exploit",
            "issue-tracking"
          ],
          "url": "https://github.com/bytedance/InfiniStore/issues/200"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://github.com/bytedance/InfiniStore/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-06-04T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-06-04T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-06-04T20:15:15.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "bytedance InfiniStore KV Map infinistore.h purge_kv_map algorithmic complexity"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-11312",
    "datePublished": "2026-06-05T00:30:14.091Z",
    "dateReserved": "2026-06-04T18:10:12.303Z",
    "dateUpdated": "2026-06-05T13:12:50.570Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-10802 (GCVE-0-2026-10802)

Vulnerability from cvelistv5 – Published: 2026-06-04 11:15 – Updated: 2026-06-04 12:31
VLAI
Title
keystonejs keystone GraphQL API Endpoint output-field.ts resource consumption
Summary
A vulnerability was detected in keystonejs keystone up to 20260319. This vulnerability affects unknown code in the library packages/core/src/lib/core/queries/output-field.ts of the component GraphQL API Endpoint. The manipulation results in resource consumption. It is possible to launch the attack remotely. The exploit is now public and may be used. The pull request to fix this issue awaits acceptance.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
keystonejs keystone Affected: 20260319
    cpe:2.3:a:keystonejs:keystone:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
nedlir (VulDB User) VulDB CNA Team
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-10802",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-04T12:31:14.916360Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-04T12:31:20.535Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:keystonejs:keystone:*:*:*:*:*:*:*:*"
          ],
          "modules": [
            "GraphQL API Endpoint"
          ],
          "product": "keystone",
          "vendor": "keystonejs",
          "versions": [
            {
              "status": "affected",
              "version": "20260319"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "nedlir (VulDB User)"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "VulDB CNA Team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was detected in keystonejs keystone up to 20260319. This vulnerability affects unknown code in the library packages/core/src/lib/core/queries/output-field.ts of the component GraphQL API Endpoint. The manipulation results in resource consumption. It is possible to launch the attack remotely. The exploit is now public and may be used. The pull request to fix this issue awaits acceptance."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 4,
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "Denial of Service",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-04T11:15:10.397Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-368251 | keystonejs keystone GraphQL API Endpoint output-field.ts resource consumption",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/vuln/368251"
        },
        {
          "name": "VDB-368251 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/368251/cti"
        },
        {
          "name": "CVE-2026-10802 | CVE Analysis and Report",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/cve/CVE-2026-10802"
        },
        {
          "name": "Submit #831461 | Keystone KeystoneJS 2026-03-19 Denial of Service",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/831461"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/keystonejs/keystone/issues/9789"
        },
        {
          "tags": [
            "issue-tracking",
            "patch"
          ],
          "url": "https://github.com/keystonejs/keystone/pull/9831"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://gist.github.com/nedlir/0431275665076772844ebfe5167e54f6"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://github.com/keystonejs/keystone/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-06-04T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-06-04T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-06-04T07:07:34.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "keystonejs keystone GraphQL API Endpoint output-field.ts resource consumption"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-10802",
    "datePublished": "2026-06-04T11:15:10.397Z",
    "dateReserved": "2026-06-04T05:02:30.479Z",
    "dateUpdated": "2026-06-04T12:31:20.535Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-10775 (GCVE-0-2026-10775)

Vulnerability from cvelistv5 – Published: 2026-06-03 22:15 – Updated: 2026-06-04 13:38
VLAI
Title
sgl-project SGLang Cache data_hash denial of service
Summary
A vulnerability was determined in sgl-project SGLang up to 0.5.11. Affected by this vulnerability is the function data_hash of the component Cache Handler. This manipulation causes denial of service. The attack is restricted to local execution. A high degree of complexity is needed for the attack. The exploitation appears to be difficult. The exploit has been publicly disclosed and may be utilized. The pull request to fix this issue awaits acceptance.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
sgl-project SGLang Affected: 0.5.0
Affected: 0.5.1
Affected: 0.5.2
Affected: 0.5.3
Affected: 0.5.4
Affected: 0.5.5
Affected: 0.5.6
Affected: 0.5.7
Affected: 0.5.8
Affected: 0.5.9
Affected: 0.5.10
Affected: 0.5.11
    cpe:2.3:a:sgl-project:sglang:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Dem0 (VulDB User) VulDB CNA Team
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-10775",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-04T13:35:58.281057Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-04T13:38:02.903Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://vuldb.com/submit/831438"
          },
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/sgl-project/sglang/pull/22033"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:sgl-project:sglang:*:*:*:*:*:*:*:*"
          ],
          "modules": [
            "Cache Handler"
          ],
          "product": "SGLang",
          "vendor": "sgl-project",
          "versions": [
            {
              "status": "affected",
              "version": "0.5.0"
            },
            {
              "status": "affected",
              "version": "0.5.1"
            },
            {
              "status": "affected",
              "version": "0.5.2"
            },
            {
              "status": "affected",
              "version": "0.5.3"
            },
            {
              "status": "affected",
              "version": "0.5.4"
            },
            {
              "status": "affected",
              "version": "0.5.5"
            },
            {
              "status": "affected",
              "version": "0.5.6"
            },
            {
              "status": "affected",
              "version": "0.5.7"
            },
            {
              "status": "affected",
              "version": "0.5.8"
            },
            {
              "status": "affected",
              "version": "0.5.9"
            },
            {
              "status": "affected",
              "version": "0.5.10"
            },
            {
              "status": "affected",
              "version": "0.5.11"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Dem0 (VulDB User)"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "VulDB CNA Team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was determined in sgl-project SGLang up to 0.5.11. Affected by this vulnerability is the function data_hash of the component Cache Handler. This manipulation causes denial of service. The attack is restricted to local execution. A high degree of complexity is needed for the attack. The exploitation appears to be difficult. The exploit has been publicly disclosed and may be utilized. The pull request to fix this issue awaits acceptance."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 2,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.6,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.6,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 2.4,
            "vectorString": "AV:L/AC:H/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "Denial of Service",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-03T22:15:10.154Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-368138 | sgl-project SGLang Cache data_hash denial of service",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/vuln/368138"
        },
        {
          "name": "VDB-368138 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/368138/cti"
        },
        {
          "name": "CVE-2026-10775 | CVE Analysis and Report",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/cve/CVE-2026-10775"
        },
        {
          "name": "Submit #831438 | sgl-project/ sglang 0.5.11 Cache Poisoning",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/831438"
        },
        {
          "tags": [
            "exploit",
            "issue-tracking"
          ],
          "url": "https://github.com/sgl-project/sglang/issues/25462"
        },
        {
          "tags": [
            "issue-tracking",
            "patch"
          ],
          "url": "https://github.com/sgl-project/sglang/pull/22033"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://github.com/sgl-project/sglang/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-06-03T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-06-03T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-06-03T17:51:27.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "sgl-project SGLang Cache data_hash denial of service"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-10775",
    "datePublished": "2026-06-03T22:15:10.154Z",
    "dateReserved": "2026-06-03T15:46:16.282Z",
    "dateUpdated": "2026-06-04T13:38:02.903Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-10705 (GCVE-0-2026-10705)

Vulnerability from cvelistv5 – Published: 2026-06-03 01:15 – Updated: 2026-06-03 14:11
VLAI
Title
dask HLL hyperloglog.py nunique_approx resource consumption
Summary
A flaw has been found in dask up to 3.0. Affected by this issue is the function nunique_approx of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption. The attack is possible to be carried out remotely. A high degree of complexity is needed for the attack. The exploitation is known to be difficult. The pull request to fix this issue awaits acceptance.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
URL Tags
https://vuldb.com/vuln/368018 vdb-entrytechnical-description
https://vuldb.com/vuln/368018/cti signaturepermissions-required
https://vuldb.com/cve/CVE-2026-10705 third-party-advisory
https://vuldb.com/submit/831411 third-party-advisory
https://github.com/dask/dask/issues/12403 issue-tracking
https://github.com/dask/dask/pull/12401 issue-trackingpatch
https://github.com/dask/dask/ product
Impacted products
Vendor Product Version
n/a dask Affected: 3.0
    cpe:2.3:a:dask:dask:*:*:*:*:*:*:*:*
Credits
Dem0 (VulDB User) VulDB CNA Team
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-10705",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-03T14:11:33.203540Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-03T14:11:44.133Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:dask:dask:*:*:*:*:*:*:*:*"
          ],
          "modules": [
            "HLL Handler"
          ],
          "product": "dask",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "3.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Dem0 (VulDB User)"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "VulDB CNA Team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw has been found in dask up to 3.0. Affected by this issue is the function nunique_approx of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption. The attack is possible to be carried out remotely. A high degree of complexity is needed for the attack. The exploitation is known to be difficult. The pull request to fix this issue awaits acceptance."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 2.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 2.1,
            "vectorString": "AV:N/AC:H/Au:S/C:N/I:N/A:P/E:ND/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "Denial of Service",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-03T01:15:10.343Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-368018 | dask HLL hyperloglog.py nunique_approx resource consumption",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/vuln/368018"
        },
        {
          "name": "VDB-368018 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/vuln/368018/cti"
        },
        {
          "name": "CVE-2026-10705 | CVE Analysis and Report",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/cve/CVE-2026-10705"
        },
        {
          "name": "Submit #831411 | dask 2026.3.0 Algorithmic Complexity / Hash Collision / Denial of Service",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/submit/831411"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/dask/dask/issues/12403"
        },
        {
          "tags": [
            "issue-tracking",
            "patch"
          ],
          "url": "https://github.com/dask/dask/pull/12401"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://github.com/dask/dask/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-06-02T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2026-06-02T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2026-06-02T19:51:54.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "dask HLL hyperloglog.py nunique_approx resource consumption"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2026-10705",
    "datePublished": "2026-06-03T01:15:10.343Z",
    "dateReserved": "2026-06-02T17:46:25.630Z",
    "dateUpdated": "2026-06-03T14:11:44.133Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Mitigation MIT-3
Requirements

Strategy: Language Selection

  • Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • For example, languages such as Java, Ruby, and Lisp perform automatic garbage collection that releases memory for objects that have been deallocated.
Mitigation
Implementation

It is good practice to be responsible for freeing all resources you allocate and to be consistent with how and where you free memory in a function. If you allocate memory that you intend to free upon completion of the function, you must be sure to free the memory at all exit points for that function including error conditions.

Mitigation
Implementation

Memory should be allocated/freed using matching functions such as malloc/free, new/delete, and new[]/delete[].

Mitigation
Implementation

When releasing a complex object or structure, ensure that you properly dispose of all of its member components, not just the object itself.

CAPEC-125: Flooding

An adversary consumes the resources of a target by rapidly engaging in a large number of interactions with the target. This type of attack generally exposes a weakness in rate limiting or flow. When successful this attack prevents legitimate users from accessing the service and can cause the target to crash. This attack differs from resource depletion through leaks or allocations in that the latter attacks do not rely on the volume of requests made to the target but instead focus on manipulation of the target's operations. The key factor in a flooding attack is the number of requests the adversary can make in a given period of time. The greater this number, the more likely an attack is to succeed against a given target.

CAPEC-130: Excessive Allocation

An adversary causes the target to allocate excessive resources to servicing the attackers' request, thereby reducing the resources available for legitimate services and degrading or denying services. Usually, this attack focuses on memory allocation, but any finite resource on the target could be the attacked, including bandwidth, processing cycles, or other resources. This attack does not attempt to force this allocation through a large number of requests (that would be Resource Depletion through Flooding) but instead uses one or a small number of requests that are carefully formatted to force the target to allocate excessive resources to service this request(s). Often this attack takes advantage of a bug in the target to cause the target to allocate resources vastly beyond what would be needed for a normal request.

CAPEC-131: Resource Leak Exposure

An adversary utilizes a resource leak on the target to deplete the quantity of the resource available to service legitimate requests.

CAPEC-494: TCP Fragmentation

An adversary may execute a TCP Fragmentation attack against a target with the intention of avoiding filtering rules of network controls, by attempting to fragment the TCP packet such that the headers flag field is pushed into the second fragment which typically is not filtered.

CAPEC-495: UDP Fragmentation

An attacker may execute a UDP Fragmentation attack against a target server in an attempt to consume resources such as bandwidth and CPU. IP fragmentation occurs when an IP datagram is larger than the MTU of the route the datagram has to traverse. Typically the attacker will use large UDP packets over 1500 bytes of data which forces fragmentation as ethernet MTU is 1500 bytes. This attack is a variation on a typical UDP flood but it enables more network bandwidth to be consumed with fewer packets. Additionally it has the potential to consume server CPU resources and fill memory buffers associated with the processing and reassembling of fragmented packets.

CAPEC-496: ICMP Fragmentation

An attacker may execute a ICMP Fragmentation attack against a target with the intention of consuming resources or causing a crash. The attacker crafts a large number of identical fragmented IP packets containing a portion of a fragmented ICMP message. The attacker these sends these messages to a target host which causes the host to become non-responsive. Another vector may be sending a fragmented ICMP message to a target host with incorrect sizes in the header which causes the host to hang.

CAPEC-666: BlueSmacking

An adversary uses Bluetooth flooding to transfer large packets to Bluetooth enabled devices over the L2CAP protocol with the goal of creating a DoS. This attack must be carried out within close proximity to a Bluetooth enabled device.