|
361
|
7.5 |
HIGH
Network
|
-
|
-
|
Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, a memory exhaustion vulnerability in the Netty HTTP/3 codec allows the creatio…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-48748
|
2026-06-13 01:18 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
362
|
7.5 |
HIGH
Network
|
-
|
-
|
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, RedisArrayAggregator pre-allocates ArrayList with initial c…
New
|
CWE-400
CWE-770
Uncontrolled Resource Consumption
Allocation of Resources Without Limits or Throttling
|
CVE-2026-50011
|
2026-06-13 01:18 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363
|
- |
|
-
|
-
|
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the RedisArrayAggregator handler permanently leaks pooled d…
New
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-48006
|
2026-06-13 01:18 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Netty is a network application framework for development of protocol servers and clients. In netty-codec-http2 prior to versions 4.1.135.Final and 4.2.15.Final, the `DelegatingDecompressorFrameListen…
New
|
CWE-400
CWE-401
Uncontrolled Resource Consumption
Missing Release of Memory after Effective Lifetime
|
CVE-2026-48043
|
2026-06-13 01:18 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
365
|
- |
|
-
|
-
|
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAProxy PROXY protocol v2 codec in netty leaks native o…
New
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-48059
|
2026-06-13 01:18 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
366
|
4.8 |
MEDIUM
Network
|
-
|
-
|
Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, Netty QUIC exposes the stateless reset token on the network path when using th…
New
|
CWE-200
CWE-330
Information Exposure
Use of Insufficiently Random Values
|
CVE-2026-50009
|
2026-06-13 01:18 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
367
|
7.5 |
HIGH
Network
|
-
|
-
|
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SimpleTrustManagerFactory.engineGetTrustManagers() and rela…
New
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2026-50010
|
2026-06-13 01:18 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
368
|
- |
|
-
|
-
|
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty HTTP/2 max header size handling produces an attack si…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-50560
|
2026-06-13 01:18 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
369
|
- |
|
-
|
-
|
Frappe is a full-stack web application framework. Prior to versions 15.107.2 and 16.17.4, DB Schema Enumeration is possible through exploiting an endpoint. This issue has been patched in versions 15.…
New
|
CWE-200
Information Exposure
|
CVE-2026-44206
|
2026-06-13 01:17 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
370
|
- |
|
-
|
-
|
Frappe is a full-stack web application framework. Prior to versions 15.107.0 and 16.17.0, an IDOR vulnerability allows authenticated users to access other users' email configuration details. This iss…
New
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-44207
|
2026-06-13 01:17 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
