CVE-2026-56814: CWE-770 Allocation of Resources Without Limits or Throttling in elixir-plug plug
Plug.Parsers.MULTIPART in the elixir-plug library does not fully enforce its configured :length limit on multipart request bodies, allowing unauthenticated attackers to send many empty-body file…
Read the full articleYou might also wanna read
Technical Analysis of CVE-2025-53149: Heap-based Buffer Overflow in Windows Kernel Streaming Driver
Technical deep-dive into CVE-2025-53149, a heap-based buffer overflow in the Windows Kernel Streaming WOW Thunk Service driver (ksthunk.sys)

WAF - WAF Release - 2026-05-15 - Emergency
This emergency release introduces two new rules to detect nginx heap buffer overflow and heap spray exploitation attempts targeting the rewr
CVE-2026-12043: Heap Double-Free Vulnerability Discovered in AWS Common Runtime aws-c-http Library
Bulletin ID: 2026-043-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 06/12/2026 11:45 AM PDT
Proof-of-Concept Exploit Released for Critical NGINX Heap Buffer Overflow (CVE-2026-42945)
exploit for CVE-2026-42945. Contribute to DepthFirstDisclosures/Nginx-Rift development by creating an account on GitHub.

CVE-2026-11462: Improper Authorization Vulnerability in BeikeShop Stripe Plugin (Up to v1.6.0.22)
A vulnerability was found in Chengdu Everbrite Network Technology BeikeShop up to 1.6.0.22. This impacts the function callback of the file p

CVE-2025-14098: Heap Buffer Overflow Vulnerability in Avira Antivirus Engine (Pre-8.3.70.104)
Heap buffer out-of-bounds write vulnerability due to integer overflow in Avira Antivirus engine when scanning a malformed MS-DOS executable

Comments
Sign in to join the conversation.
No comments yet. Be the first.