|
241
|
9.9 |
CRITICAL
Network
|
-
|
-
|
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, when cpp-httplib's server parses an incoming request, it applies percent-decoding to every header va…
New
|
CWE-93
CWE-444
CRLF Injection
HTTP Request Smuggling
|
CVE-2026-45372
|
2026-05-30 05:23 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
242
|
5.3 |
MEDIUM
Network
|
-
|
-
|
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.43.4, negative chunk-size in chunked Transfer-Encoding causes unbounded memory allocation and process cras…
New
|
CWE-20
CWE-770
CWE-1285
Improper Input Validation
Allocation of Resources Without Limits or Throttling
Improper Validation of Specified Index, Position, or Offset in Input
|
CVE-2026-45352
|
2026-05-30 05:23 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
243
|
- |
|
-
|
-
|
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, When the server has called Server::set_trusted_proxies() with a non-empty trusted-proxy list, an att…
New
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-46527
|
2026-05-30 05:23 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
244
|
8.8 |
HIGH
Network
|
-
|
-
|
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard (cliprdr) channel …
New
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-44420
|
2026-05-30 05:22 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245
|
8.8 |
HIGH
Network
|
-
|
-
|
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs.…
New
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-44421
|
2026-05-30 05:22 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246
|
7.5 |
HIGH
Network
|
-
|
-
|
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without track…
New
|
CWE-415
CWE-416
Double Free
Use After Free
|
CVE-2026-44422
|
2026-05-30 05:22 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247
|
- |
|
-
|
-
|
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's planar bitmap decoder has an out-of-bounds heap write when decoding RLE planar data. In libfreerdp/codec/pl…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-45700
|
2026-05-30 05:22 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248
|
- |
|
-
|
-
|
NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quic_stream_recv can dereference a null substream pointer when a substream is in reopen state. The code fi…
New
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-45151
|
2026-05-30 05:21 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249
|
5.3 |
MEDIUM
Network
|
-
|
-
|
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.219, the password reset endpoint returns visually distinct responses depending on whether the submitted…
New
|
CWE-203
CWE-204
Information Exposure Through Discrepancy
Response Discrepancy Information Exposure
|
CVE-2026-45294
|
2026-05-30 05:21 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250
|
3.3 |
LOW
Physics
|
-
|
-
|
Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a double free in librz/core/cmd/cmd_search.c:byte_pattern_search() due wrong pointer ownership declared. This vul…
New
|
CWE-415
Double Free
|
CVE-2026-45324
|
2026-05-30 05:21 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
