Total
87 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-31934 | 1 Oisf | 1 Suricata | 2026-04-07 | N/A | 7.5 HIGH |
| Suricata is a network IDS, IPS and NSM engine. From version 8.0.0 to before version 8.0.4, there is a quadratic complexity issue when searching for URLs in mime encoded messages over SMTP leading to a performance impact. This issue has been patched in version 8.0.4. | |||||
| CVE-2026-31937 | 1 Oisf | 1 Suricata | 2026-04-07 | N/A | 7.5 HIGH |
| Suricata is a network IDS, IPS and NSM engine. Prior to version 7.0.15, inefficiency in DCERPC buffering can lead to a performance degradation. This issue has been patched in version 7.0.15. | |||||
| CVE-2026-31933 | 1 Oisf | 1 Suricata | 2026-04-07 | N/A | 7.5 HIGH |
| Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, specially crafted traffic can cause Suricata to slow down, affecting performance in IDS mode. This issue has been patched in versions 7.0.15 and 8.0.4. | |||||
| CVE-2026-31932 | 1 Oisf | 1 Suricata | 2026-04-07 | N/A | 7.5 HIGH |
| Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, inefficiency in KRB5 buffering can lead to performance degradation. This issue has been patched in versions 7.0.15 and 8.0.4. | |||||
| CVE-2026-34573 | 1 Parseplatform | 1 Parse-server | 2026-04-02 | N/A | 7.5 HIGH |
| Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.68 and 9.7.0-alpha.12, the GraphQL query complexity validator can be exploited to cause a denial-of-service by sending a crafted query with binary fan-out fragment spreads. A single unauthenticated request can block the Node.js event loop for seconds, denying service to all concurrent users. This only affects deployments that have enabled the requestComplexity.graphQLDepth or requestComplexity.graphQLFields configuration options. This issue has been patched in versions 8.6.68 and 9.7.0-alpha.12. | |||||
| CVE-2026-3988 | 1 Gitlab | 1 Gitlab | 2026-03-26 | N/A | 7.5 HIGH |
| GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to cause a denial of service by making the GitLab instance unresponsive due to improper input validation in GraphQL request processing. | |||||
| CVE-2026-33123 | 1 Pypdf Project | 1 Pypdf | 2026-03-23 | N/A | 6.5 MEDIUM |
| pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.1 allow an attacker to craft a malicious PDF which leads to long runtimes and/or large memory usage. Exploitation requires accessing an array-based stream with many entries. This issue has been fixed in version 6.9.1. | |||||