CWE-400
Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource.
CVE-2026-10069 (GCVE-0-2026-10069)
Vulnerability from cvelistv5 – Published: 2026-05-29 16:00 – Updated: 2026-06-02 01:37 Unsupported When Assigned
VLAI
Title
Shibby Tomato miniupnpd resource consumption
Summary
A vulnerability has been found in Shibby Tomato 1.28. The impacted element is an unknown function of the file usr/sbin/miniupnpd. Such manipulation leads to resource consumption. The attack may be launched remotely. This project is superseded by FreshTomato. This vulnerability only affects products that are no longer supported by the maintainer.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/367155 | vdb-entry |
| https://vuldb.com/vuln/367155/cti | signaturepermissions-required |
| https://vuldb.com/submit/818238 | third-party-advisory |
| https://gitee.com/Fengyi-Wang/CVE/issues/IJD8SP | issue-tracking |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10069",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-02T01:37:25.771025Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-02T01:37:57.528Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://gitee.com/Fengyi-Wang/CVE/issues/IJD8SP"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:shibby:tomato:*:*:*:*:*:*:*:*"
],
"product": "Tomato",
"vendor": "Shibby",
"versions": [
{
"status": "affected",
"version": "1.28"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "tool",
"value": "VulDB Gitee Analyzer"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Shibby Tomato 1.28. The impacted element is an unknown function of the file usr/sbin/miniupnpd. Such manipulation leads to resource consumption. The attack may be launched remotely. This project is superseded by FreshTomato. This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:X/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:X/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C/E:ND/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "Denial of Service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-29T16:00:12.420Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-367155 | Shibby Tomato miniupnpd resource consumption",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/367155"
},
{
"name": "VDB-367155 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/367155/cti"
},
{
"name": "Submit #818238 | Tomato by Shibby Tomato Firmware 1.28 Resource Exhaustion",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/818238"
},
{
"tags": [
"issue-tracking"
],
"url": "https://gitee.com/Fengyi-Wang/CVE/issues/IJD8SP"
}
],
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2026-05-29T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-29T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-29T10:38:16.000Z",
"value": "VulDB entry last update"
}
],
"title": "Shibby Tomato miniupnpd resource consumption"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-10069",
"datePublished": "2026-05-29T16:00:12.420Z",
"dateReserved": "2026-05-29T08:32:38.317Z",
"dateUpdated": "2026-06-02T01:37:57.528Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-10143 (GCVE-0-2026-10143)
Vulnerability from cvelistv5 – Published: 2026-06-10 20:22 – Updated: 2026-06-11 13:24
VLAI
Title
kafka-python prior to 2.3.2 DoS via SCRAM Iteration Count in scram.py
Summary
kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker to freeze the client event loop by supplying an excessively large iteration count. In scram.py, ScramClient.process_server_first_message() passes the broker-controlled SCRAM iteration count directly to hashlib.pbkdf2_hmac() without validation, blocking producer sends, consumer polls, admin operations, and heartbeats, which can cause consumer group eviction and repeated reconnect failures.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/dpkp/kafka-python/pull/3019 | technical-description |
| https://github.com/dpkp/kafka-python/commit/6e483… | patch |
| https://github.com/dpkp/kafka-python/pull/3026 | |
| https://www.vulncheck.com/advisories/kafka-python… | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dana Powers | kafka-python |
Affected:
0 , < 2.3.2
(git)
|
Date Public
2026-06-10 20:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10143",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-11T13:10:04.299411Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T13:24:52.138Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/dpkp/kafka-python",
"defaultStatus": "unknown",
"product": "kafka-python",
"vendor": "Dana Powers",
"versions": [
{
"lessThan": "2.3.2",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Katriel Moses"
}
],
"datePublic": "2026-06-10T20:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003ekafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker to freeze the client event loop by supplying an excessively large iteration count. In scram.py, ScramClient.process_server_first_message() passes the broker-controlled SCRAM iteration count directly to hashlib.pbkdf2_hmac() without validation, blocking producer sends, consumer polls, admin operations, and heartbeats, which can cause consumer group eviction and repeated reconnect failures.\u003c/p\u003e"
}
],
"value": "kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker to freeze the client event loop by supplying an excessively large iteration count. In scram.py, ScramClient.process_server_first_message() passes the broker-controlled SCRAM iteration count directly to hashlib.pbkdf2_hmac() without validation, blocking producer sends, consumer polls, admin operations, and heartbeats, which can cause consumer group eviction and repeated reconnect failures."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-10T20:22:39.262Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"technical-description"
],
"url": "https://github.com/dpkp/kafka-python/pull/3019"
},
{
"tags": [
"patch"
],
"url": "https://github.com/dpkp/kafka-python/commit/6e4831444f972d169cdd11f5c8d50333cea3f19b"
},
{
"url": "https://github.com/dpkp/kafka-python/pull/3026"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/kafka-python-prior-to-dos-via-scram-iteration-count-in-scram-py"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "kafka-python prior to 2.3.2 DoS via SCRAM Iteration Count in scram.py"
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2026-10143",
"datePublished": "2026-06-10T20:22:39.262Z",
"dateReserved": "2026-05-29T21:38:34.147Z",
"dateUpdated": "2026-06-11T13:24:52.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-10156 (GCVE-0-2026-10156)
Vulnerability from cvelistv5 – Published: 2026-05-30 23:45 – Updated: 2026-06-01 14:54
VLAI
Title
Open5GS nf-instances Endpoint nnrf-handler.c handle_amf_info resource consumption
Summary
A vulnerability was determined in Open5GS up to 2.7.7. This affects the function handle_amf_info in the library /lib/sbi/nnrf-handler.c of the component nf-instances Endpoint. Executing a manipulation of the argument nf_info_pool can lead to resource consumption. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. Applying a patch is advised to resolve this issue. The issue report is flagged as already-fixed.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/367409 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/367409/cti | signaturepermissions-required |
| https://vuldb.com/submit/818598 | third-party-advisory |
| https://github.com/open5gs/open5gs/issues/4480 | exploitissue-tracking |
| https://github.com/open5gs/open5gs/ | product |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10156",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T14:46:58.534422Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T14:54:38.404Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*"
],
"modules": [
"nf-instances Endpoint"
],
"product": "Open5GS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.7.0"
},
{
"status": "affected",
"version": "2.7.1"
},
{
"status": "affected",
"version": "2.7.2"
},
{
"status": "affected",
"version": "2.7.3"
},
{
"status": "affected",
"version": "2.7.4"
},
{
"status": "affected",
"version": "2.7.5"
},
{
"status": "affected",
"version": "2.7.6"
},
{
"status": "affected",
"version": "2.7.7"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "FrankyLin (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in Open5GS up to 2.7.7. This affects the function handle_amf_info in the library /lib/sbi/nnrf-handler.c of the component nf-instances Endpoint. Executing a manipulation of the argument nf_info_pool can lead to resource consumption. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. Applying a patch is advised to resolve this issue. The issue report is flagged as already-fixed."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "Denial of Service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-30T23:45:09.307Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-367409 | Open5GS nf-instances Endpoint nnrf-handler.c handle_amf_info resource consumption",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/367409"
},
{
"name": "VDB-367409 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/367409/cti"
},
{
"name": "Submit #818598 | Open5GS NRF v2.7.7 Denial of Service",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/818598"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/open5gs/open5gs/issues/4480"
},
{
"tags": [
"product"
],
"url": "https://github.com/open5gs/open5gs/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-30T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-30T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-30T08:10:07.000Z",
"value": "VulDB entry last update"
}
],
"title": "Open5GS nf-instances Endpoint nnrf-handler.c handle_amf_info resource consumption"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-10156",
"datePublished": "2026-05-30T23:45:09.307Z",
"dateReserved": "2026-05-30T06:04:59.295Z",
"dateUpdated": "2026-06-01T14:54:38.404Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-10224 (GCVE-0-2026-10224)
Vulnerability from cvelistv5 – Published: 2026-06-01 04:30 – Updated: 2026-06-01 15:23
VLAI
Title
NousResearch hermes-agent Webhook Endpoint feishu.py _handle_webhook_request resource consumption
Summary
A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. This vulnerability affects the function _handle_webhook_request of the file gateway/platforms/feishu.py of the component Webhook Endpoint. Such manipulation leads to resource consumption. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/367503 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/367503/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-10224 | third-party-advisory |
| https://vuldb.com/submit/822022 | third-party-advisory |
| https://gist.github.com/YLChen-007/0304e313d811f1… | exploit |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NousResearch | hermes-agent |
Affected:
2026.4.0
Affected: 2026.4.1 Affected: 2026.4.2 Affected: 2026.4.3 Affected: 2026.4.4 Affected: 2026.4.5 Affected: 2026.4.6 Affected: 2026.4.7 Affected: 2026.4.8 Affected: 2026.4.9 Affected: 2026.4.10 Affected: 2026.4.11 Affected: 2026.4.12 Affected: 2026.4.13 Affected: 2026.4.14 Affected: 2026.4.15 Affected: 2026.4.16 Affected: 2026.4.17 Affected: 2026.4.18 Affected: 2026.4.19 Affected: 2026.4.20 Affected: 2026.4.21 Affected: 2026.4.22 Affected: 2026.4.23 Affected: 2026.4.24 Affected: 2026.4.25 Affected: 2026.4.26 Affected: 2026.4.27 Affected: 2026.4.28 Affected: 2026.4.29 Affected: 2026.4.30 cpe:2.3:a:nousresearch:hermes-agent:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10224",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T15:17:27.870597Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T15:23:38.699Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:nousresearch:hermes-agent:*:*:*:*:*:*:*:*"
],
"modules": [
"Webhook Endpoint"
],
"product": "hermes-agent",
"vendor": "NousResearch",
"versions": [
{
"status": "affected",
"version": "2026.4.0"
},
{
"status": "affected",
"version": "2026.4.1"
},
{
"status": "affected",
"version": "2026.4.2"
},
{
"status": "affected",
"version": "2026.4.3"
},
{
"status": "affected",
"version": "2026.4.4"
},
{
"status": "affected",
"version": "2026.4.5"
},
{
"status": "affected",
"version": "2026.4.6"
},
{
"status": "affected",
"version": "2026.4.7"
},
{
"status": "affected",
"version": "2026.4.8"
},
{
"status": "affected",
"version": "2026.4.9"
},
{
"status": "affected",
"version": "2026.4.10"
},
{
"status": "affected",
"version": "2026.4.11"
},
{
"status": "affected",
"version": "2026.4.12"
},
{
"status": "affected",
"version": "2026.4.13"
},
{
"status": "affected",
"version": "2026.4.14"
},
{
"status": "affected",
"version": "2026.4.15"
},
{
"status": "affected",
"version": "2026.4.16"
},
{
"status": "affected",
"version": "2026.4.17"
},
{
"status": "affected",
"version": "2026.4.18"
},
{
"status": "affected",
"version": "2026.4.19"
},
{
"status": "affected",
"version": "2026.4.20"
},
{
"status": "affected",
"version": "2026.4.21"
},
{
"status": "affected",
"version": "2026.4.22"
},
{
"status": "affected",
"version": "2026.4.23"
},
{
"status": "affected",
"version": "2026.4.24"
},
{
"status": "affected",
"version": "2026.4.25"
},
{
"status": "affected",
"version": "2026.4.26"
},
{
"status": "affected",
"version": "2026.4.27"
},
{
"status": "affected",
"version": "2026.4.28"
},
{
"status": "affected",
"version": "2026.4.29"
},
{
"status": "affected",
"version": "2026.4.30"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Eric-j (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. This vulnerability affects the function _handle_webhook_request of the file gateway/platforms/feishu.py of the component Webhook Endpoint. Such manipulation leads to resource consumption. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "Denial of Service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T04:30:08.987Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-367503 | NousResearch hermes-agent Webhook Endpoint feishu.py _handle_webhook_request resource consumption",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/367503"
},
{
"name": "VDB-367503 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/367503/cti"
},
{
"name": "CVE-2026-10224 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-10224"
},
{
"name": "Submit #822022 | NousResearch hermes-agent \u003c= v2026.4.30 Uncontrolled Resource Consumption (CWE-400)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/822022"
},
{
"tags": [
"exploit"
],
"url": "https://gist.github.com/YLChen-007/0304e313d811f187ade93d3b01de0f87"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-31T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-31T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-31T09:56:48.000Z",
"value": "VulDB entry last update"
}
],
"title": "NousResearch hermes-agent Webhook Endpoint feishu.py _handle_webhook_request resource consumption"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-10224",
"datePublished": "2026-06-01T04:30:08.987Z",
"dateReserved": "2026-05-31T07:51:32.069Z",
"dateUpdated": "2026-06-01T15:23:38.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-10291 (GCVE-0-2026-10291)
Vulnerability from cvelistv5 – Published: 2026-06-01 20:45 – Updated: 2026-06-02 15:45 X_Open Source
VLAI
Title
Enderfga claw-orchestrator Session Grep Endpoint embedded-server.ts validateRegex redos
Summary
A security vulnerability has been detected in Enderfga claw-orchestrator up to 3.7.0. The impacted element is the function validateRegex of the file claw-orchestrator/src/embedded-server.ts of the component Session Grep Endpoint. The manipulation of the argument body.pattern leads to inefficient regular expression complexity. The attack may be initiated remotely. Upgrading to version 3.7.1 is sufficient to resolve this issue. The identifier of the patch is 3f970a974c65a94555c25af9f2796f11315e4584. It is recommended to upgrade the affected component.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/367584 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/367584/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-10291 | third-party-advisory |
| https://vuldb.com/submit/826222 | third-party-advisory |
| https://github.com/Enderfga/claw-orchestrator/issues/64 | issue-tracking |
| https://github.com/Enderfga/claw-orchestrator/iss… | issue-tracking |
| https://github.com/Enderfga/claw-orchestrator/com… | patch |
| https://github.com/Enderfga/claw-orchestrator/rel… | patch |
| https://github.com/Enderfga/claw-orchestrator/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Enderfga | claw-orchestrator |
Affected:
3.0
Affected: 3.1 Affected: 3.2 Affected: 3.3 Affected: 3.4 Affected: 3.5 Affected: 3.6 Affected: 3.7.0 Unaffected: 3.7.1 cpe:2.3:a:enderfga:claw-orchestrator:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10291",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-02T15:43:30.758523Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-02T15:45:36.997Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/Enderfga/claw-orchestrator/issues/64"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:enderfga:claw-orchestrator:*:*:*:*:*:*:*:*"
],
"modules": [
"Session Grep Endpoint"
],
"product": "claw-orchestrator",
"vendor": "Enderfga",
"versions": [
{
"status": "affected",
"version": "3.0"
},
{
"status": "affected",
"version": "3.1"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "3.3"
},
{
"status": "affected",
"version": "3.4"
},
{
"status": "affected",
"version": "3.5"
},
{
"status": "affected",
"version": "3.6"
},
{
"status": "affected",
"version": "3.7.0"
},
{
"status": "unaffected",
"version": "3.7.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "ybdesire (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in Enderfga claw-orchestrator up to 3.7.0. The impacted element is the function validateRegex of the file claw-orchestrator/src/embedded-server.ts of the component Session Grep Endpoint. The manipulation of the argument body.pattern leads to inefficient regular expression complexity. The attack may be initiated remotely. Upgrading to version 3.7.1 is sufficient to resolve this issue. The identifier of the patch is 3f970a974c65a94555c25af9f2796f11315e4584. It is recommended to upgrade the affected component."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P/E:ND/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "Inefficient Regular Expression Complexity",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T20:45:10.390Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-367584 | Enderfga claw-orchestrator Session Grep Endpoint embedded-server.ts validateRegex redos",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/367584"
},
{
"name": "VDB-367584 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/367584/cti"
},
{
"name": "CVE-2026-10291 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-10291"
},
{
"name": "Submit #826222 | Enderfga claw-orchestrator v2.7.0-v3.7.0 Inefficient Regular Expression Complexity",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/826222"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/Enderfga/claw-orchestrator/issues/64"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/Enderfga/claw-orchestrator/issues/64#issuecomment-4421942196"
},
{
"tags": [
"patch"
],
"url": "https://github.com/Enderfga/claw-orchestrator/commit/3f970a974c65a94555c25af9f2796f11315e4584"
},
{
"tags": [
"patch"
],
"url": "https://github.com/Enderfga/claw-orchestrator/releases/tag/v3.7.1"
},
{
"tags": [
"product"
],
"url": "https://github.com/Enderfga/claw-orchestrator/"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-05-31T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-31T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-31T19:48:30.000Z",
"value": "VulDB entry last update"
}
],
"title": "Enderfga claw-orchestrator Session Grep Endpoint embedded-server.ts validateRegex redos"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-10291",
"datePublished": "2026-06-01T20:45:10.390Z",
"dateReserved": "2026-05-31T17:43:01.679Z",
"dateUpdated": "2026-06-02T15:45:36.997Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-10650 (GCVE-0-2026-10650)
Vulnerability from cvelistv5 – Published: 2026-06-02 21:15 – Updated: 2026-06-03 14:04 X_Open Source
VLAI
Title
warmcat libwebsockets SSH Protocol sshd.c lws_ssh_parse_plaintext resource consumption
Summary
A flaw has been found in warmcat libwebsockets up to 4.5.8. This issue affects the function lws_ssh_parse_plaintext of the file plugins/protocol_lws_ssh_base/sshd.c of the component SSH Protocol Handler. Executing a manipulation of the argument msg_len can lead to resource consumption. The attack may be launched remotely. The exploit has been published and may be used. This patch is called 3f9f0c6ecaf0e6f3f219d30632c5d1f2479d7498. A patch should be applied to remediate this issue.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/367955 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/367955/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-10650 | third-party-advisory |
| https://vuldb.com/submit/830261 | third-party-advisory |
| https://github.com/biniamf/pocs/tree/main/libwebs… | exploit |
| https://github.com/biniamf/pocs/blob/main/libwebs… | exploit |
| https://github.com/warmcat/libwebsockets/commit/3… | patch |
| https://github.com/warmcat/libwebsockets/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| warmcat | libwebsockets |
Affected:
4.5.0
Affected: 4.5.1 Affected: 4.5.2 Affected: 4.5.3 Affected: 4.5.4 Affected: 4.5.5 Affected: 4.5.6 Affected: 4.5.7 Affected: 4.5.8 cpe:2.3:a:warmcat:libwebsockets:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10650",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-03T14:04:17.007618Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-03T14:04:31.919Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:warmcat:libwebsockets:*:*:*:*:*:*:*:*"
],
"modules": [
"SSH Protocol Handler"
],
"product": "libwebsockets",
"vendor": "warmcat",
"versions": [
{
"status": "affected",
"version": "4.5.0"
},
{
"status": "affected",
"version": "4.5.1"
},
{
"status": "affected",
"version": "4.5.2"
},
{
"status": "affected",
"version": "4.5.3"
},
{
"status": "affected",
"version": "4.5.4"
},
{
"status": "affected",
"version": "4.5.5"
},
{
"status": "affected",
"version": "4.5.6"
},
{
"status": "affected",
"version": "4.5.7"
},
{
"status": "affected",
"version": "4.5.8"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "biniam (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in warmcat libwebsockets up to 4.5.8. This issue affects the function lws_ssh_parse_plaintext of the file plugins/protocol_lws_ssh_base/sshd.c of the component SSH Protocol Handler. Executing a manipulation of the argument msg_len can lead to resource consumption. The attack may be launched remotely. The exploit has been published and may be used. This patch is called 3f9f0c6ecaf0e6f3f219d30632c5d1f2479d7498. A patch should be applied to remediate this issue."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "Denial of Service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-02T21:15:10.566Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-367955 | warmcat libwebsockets SSH Protocol sshd.c lws_ssh_parse_plaintext resource consumption",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/367955"
},
{
"name": "VDB-367955 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/367955/cti"
},
{
"name": "CVE-2026-10650 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-10650"
},
{
"name": "Submit #830261 | warmcat libwebsockets 4.5.99-v4.5.0-382-g4a63b9333 Uncontrolled Memory Allocation",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/830261"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/biniamf/pocs/tree/main/libwebsockets_sshd-parse-ic-unbounded-alloc"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/biniamf/pocs/blob/main/libwebsockets_sshd-parse-ic-unbounded-alloc/poc_sshd_unbounded_alloc.py"
},
{
"tags": [
"patch"
],
"url": "https://github.com/warmcat/libwebsockets/commit/3f9f0c6ecaf0e6f3f219d30632c5d1f2479d7498"
},
{
"tags": [
"product"
],
"url": "https://github.com/warmcat/libwebsockets/"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-06-02T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-02T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-02T17:24:23.000Z",
"value": "VulDB entry last update"
}
],
"title": "warmcat libwebsockets SSH Protocol sshd.c lws_ssh_parse_plaintext resource consumption"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-10650",
"datePublished": "2026-06-02T21:15:10.566Z",
"dateReserved": "2026-06-02T15:19:20.070Z",
"dateUpdated": "2026-06-03T14:04:31.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-10691 (GCVE-0-2026-10691)
Vulnerability from cvelistv5 – Published: 2026-06-02 23:30 – Updated: 2026-06-03 13:47 X_Open Source
VLAI
Title
wonderwhy-er DesktopCommanderMCP start_search search-manager.ts redos
Summary
A security flaw has been discovered in wonderwhy-er DesktopCommanderMCP up to 0.2.38. This impacts an unknown function of the file src/search-manager.ts of the component start_search. Performing a manipulation of the argument SearchResult[] results in inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. Upgrading to version 0.2.39 will fix this issue. The patch is named 4ce845f8749b6a159b57b38dcc3357f7222a8078. It is suggested to upgrade the affected component.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/367960 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/367960/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-10691 | third-party-advisory |
| https://vuldb.com/submit/830746 | third-party-advisory |
| https://github.com/wonderwhy-er/DesktopCommanderM… | exploitissue-tracking |
| https://github.com/wonderwhy-er/DesktopCommanderM… | issue-trackingpatch |
| https://github.com/wonderwhy-er/DesktopCommanderM… | patch |
| https://github.com/wonderwhy-er/DesktopCommanderM… | patch |
| https://github.com/wonderwhy-er/DesktopCommanderMCP/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| wonderwhy-er | DesktopCommanderMCP |
Affected:
0.2.0
Affected: 0.2.1 Affected: 0.2.2 Affected: 0.2.3 Affected: 0.2.4 Affected: 0.2.5 Affected: 0.2.6 Affected: 0.2.7 Affected: 0.2.8 Affected: 0.2.9 Affected: 0.2.10 Affected: 0.2.11 Affected: 0.2.12 Affected: 0.2.13 Affected: 0.2.14 Affected: 0.2.15 Affected: 0.2.16 Affected: 0.2.17 Affected: 0.2.18 Affected: 0.2.19 Affected: 0.2.20 Affected: 0.2.21 Affected: 0.2.22 Affected: 0.2.23 Affected: 0.2.24 Affected: 0.2.25 Affected: 0.2.26 Affected: 0.2.27 Affected: 0.2.28 Affected: 0.2.29 Affected: 0.2.30 Affected: 0.2.31 Affected: 0.2.32 Affected: 0.2.33 Affected: 0.2.34 Affected: 0.2.35 Affected: 0.2.36 Affected: 0.2.37 Affected: 0.2.38 Unaffected: 0.2.39 cpe:2.3:a:wonderwhy-er:desktopcommandermcp:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10691",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-03T13:46:45.461875Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-03T13:47:07.613Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:wonderwhy-er:desktopcommandermcp:*:*:*:*:*:*:*:*"
],
"modules": [
"start_search"
],
"product": "DesktopCommanderMCP",
"vendor": "wonderwhy-er",
"versions": [
{
"status": "affected",
"version": "0.2.0"
},
{
"status": "affected",
"version": "0.2.1"
},
{
"status": "affected",
"version": "0.2.2"
},
{
"status": "affected",
"version": "0.2.3"
},
{
"status": "affected",
"version": "0.2.4"
},
{
"status": "affected",
"version": "0.2.5"
},
{
"status": "affected",
"version": "0.2.6"
},
{
"status": "affected",
"version": "0.2.7"
},
{
"status": "affected",
"version": "0.2.8"
},
{
"status": "affected",
"version": "0.2.9"
},
{
"status": "affected",
"version": "0.2.10"
},
{
"status": "affected",
"version": "0.2.11"
},
{
"status": "affected",
"version": "0.2.12"
},
{
"status": "affected",
"version": "0.2.13"
},
{
"status": "affected",
"version": "0.2.14"
},
{
"status": "affected",
"version": "0.2.15"
},
{
"status": "affected",
"version": "0.2.16"
},
{
"status": "affected",
"version": "0.2.17"
},
{
"status": "affected",
"version": "0.2.18"
},
{
"status": "affected",
"version": "0.2.19"
},
{
"status": "affected",
"version": "0.2.20"
},
{
"status": "affected",
"version": "0.2.21"
},
{
"status": "affected",
"version": "0.2.22"
},
{
"status": "affected",
"version": "0.2.23"
},
{
"status": "affected",
"version": "0.2.24"
},
{
"status": "affected",
"version": "0.2.25"
},
{
"status": "affected",
"version": "0.2.26"
},
{
"status": "affected",
"version": "0.2.27"
},
{
"status": "affected",
"version": "0.2.28"
},
{
"status": "affected",
"version": "0.2.29"
},
{
"status": "affected",
"version": "0.2.30"
},
{
"status": "affected",
"version": "0.2.31"
},
{
"status": "affected",
"version": "0.2.32"
},
{
"status": "affected",
"version": "0.2.33"
},
{
"status": "affected",
"version": "0.2.34"
},
{
"status": "affected",
"version": "0.2.35"
},
{
"status": "affected",
"version": "0.2.36"
},
{
"status": "affected",
"version": "0.2.37"
},
{
"status": "affected",
"version": "0.2.38"
},
{
"status": "unaffected",
"version": "0.2.39"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "skywings (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in wonderwhy-er DesktopCommanderMCP up to 0.2.38. This impacts an unknown function of the file src/search-manager.ts of the component start_search. Performing a manipulation of the argument SearchResult[] results in inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. Upgrading to version 0.2.39 will fix this issue. The patch is named 4ce845f8749b6a159b57b38dcc3357f7222a8078. It is suggested to upgrade the affected component."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "Inefficient Regular Expression Complexity",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-02T23:30:14.612Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-367960 | wonderwhy-er DesktopCommanderMCP start_search search-manager.ts redos",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/367960"
},
{
"name": "VDB-367960 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/367960/cti"
},
{
"name": "CVE-2026-10691 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-10691"
},
{
"name": "Submit #830746 | wonderwhy-er DesktopCommanderMCP 0.2.37 Denial of Service",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/830746"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/wonderwhy-er/DesktopCommanderMCP/issues/375"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://github.com/wonderwhy-er/DesktopCommanderMCP/pull/400"
},
{
"tags": [
"patch"
],
"url": "https://github.com/wonderwhy-er/DesktopCommanderMCP/commit/4ce845f8749b6a159b57b38dcc3357f7222a8078"
},
{
"tags": [
"patch"
],
"url": "https://github.com/wonderwhy-er/DesktopCommanderMCP/releases/tag/v0.2.39"
},
{
"tags": [
"product"
],
"url": "https://github.com/wonderwhy-er/DesktopCommanderMCP/"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-06-02T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-02T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-02T17:45:49.000Z",
"value": "VulDB entry last update"
}
],
"title": "wonderwhy-er DesktopCommanderMCP start_search search-manager.ts redos"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-10691",
"datePublished": "2026-06-02T23:30:14.612Z",
"dateReserved": "2026-06-02T15:40:41.889Z",
"dateUpdated": "2026-06-03T13:47:07.613Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-10692 (GCVE-0-2026-10692)
Vulnerability from cvelistv5 – Published: 2026-06-02 23:45 – Updated: 2026-06-03 14:10 X_Open Source
VLAI
Title
johnhuang316 code-index-mcp search_code_advanced is_safe_regex_pattern redos
Summary
A weakness has been identified in johnhuang316 code-index-mcp up to 2.14.0. Affected is the function is_safe_regex_pattern of the component search_code_advanced. Executing a manipulation of the argument regex can lead to inefficient regular expression complexity. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 2.14.1 is able to address this issue. This patch is called 25bc02fac74051ddae15ce79e952f00211b1ea6b. Upgrading the affected component is recommended.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/367961 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/367961/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-10692 | third-party-advisory |
| https://vuldb.com/submit/830786 | third-party-advisory |
| https://github.com/johnhuang316/code-index-mcp/is… | exploitissue-tracking |
| https://github.com/johnhuang316/code-index-mcp/co… | patch |
| https://github.com/johnhuang316/code-index-mcp/re… | patch |
| https://github.com/johnhuang316/code-index-mcp/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| johnhuang316 | code-index-mcp |
Affected:
2.0
Affected: 2.1 Affected: 2.2 Affected: 2.3 Affected: 2.4 Affected: 2.5 Affected: 2.6 Affected: 2.7 Affected: 2.8 Affected: 2.9 Affected: 2.10 Affected: 2.11 Affected: 2.12 Affected: 2.13 Affected: 2.14.0 Unaffected: 2.14.1 cpe:2.3:a:johnhuang316:code-index-mcp:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10692",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-03T14:10:14.252640Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-03T14:10:25.259Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:johnhuang316:code-index-mcp:*:*:*:*:*:*:*:*"
],
"modules": [
"search_code_advanced"
],
"product": "code-index-mcp",
"vendor": "johnhuang316",
"versions": [
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "2.3"
},
{
"status": "affected",
"version": "2.4"
},
{
"status": "affected",
"version": "2.5"
},
{
"status": "affected",
"version": "2.6"
},
{
"status": "affected",
"version": "2.7"
},
{
"status": "affected",
"version": "2.8"
},
{
"status": "affected",
"version": "2.9"
},
{
"status": "affected",
"version": "2.10"
},
{
"status": "affected",
"version": "2.11"
},
{
"status": "affected",
"version": "2.12"
},
{
"status": "affected",
"version": "2.13"
},
{
"status": "affected",
"version": "2.14.0"
},
{
"status": "unaffected",
"version": "2.14.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "skywings (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A weakness has been identified in johnhuang316 code-index-mcp up to 2.14.0. Affected is the function is_safe_regex_pattern of the component search_code_advanced. Executing a manipulation of the argument regex can lead to inefficient regular expression complexity. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 2.14.1 is able to address this issue. This patch is called 25bc02fac74051ddae15ce79e952f00211b1ea6b. Upgrading the affected component is recommended."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "Inefficient Regular Expression Complexity",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-02T23:45:12.046Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-367961 | johnhuang316 code-index-mcp search_code_advanced is_safe_regex_pattern redos",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/367961"
},
{
"name": "VDB-367961 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/367961/cti"
},
{
"name": "CVE-2026-10692 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-10692"
},
{
"name": "Submit #830786 | johnhuang316 code-index-mcp Latest Denial of Service",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/830786"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/johnhuang316/code-index-mcp/issues/84"
},
{
"tags": [
"patch"
],
"url": "https://github.com/johnhuang316/code-index-mcp/commit/25bc02fac74051ddae15ce79e952f00211b1ea6b"
},
{
"tags": [
"patch"
],
"url": "https://github.com/johnhuang316/code-index-mcp/releases/tag/v2.14.1"
},
{
"tags": [
"product"
],
"url": "https://github.com/johnhuang316/code-index-mcp/"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-06-02T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-02T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-02T17:48:32.000Z",
"value": "VulDB entry last update"
}
],
"title": "johnhuang316 code-index-mcp search_code_advanced is_safe_regex_pattern redos"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-10692",
"datePublished": "2026-06-02T23:45:12.046Z",
"dateReserved": "2026-06-02T15:43:28.477Z",
"dateUpdated": "2026-06-03T14:10:25.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-10705 (GCVE-0-2026-10705)
Vulnerability from cvelistv5 – Published: 2026-06-03 01:15 – Updated: 2026-06-03 14:11
VLAI
Title
dask HLL hyperloglog.py nunique_approx resource consumption
Summary
A flaw has been found in dask up to 3.0. Affected by this issue is the function nunique_approx of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption. The attack is possible to be carried out remotely. A high degree of complexity is needed for the attack. The exploitation is known to be difficult. The pull request to fix this issue awaits acceptance.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/368018 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/368018/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-10705 | third-party-advisory |
| https://vuldb.com/submit/831411 | third-party-advisory |
| https://github.com/dask/dask/issues/12403 | issue-tracking |
| https://github.com/dask/dask/pull/12401 | issue-trackingpatch |
| https://github.com/dask/dask/ | product |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10705",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-03T14:11:33.203540Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-03T14:11:44.133Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:dask:dask:*:*:*:*:*:*:*:*"
],
"modules": [
"HLL Handler"
],
"product": "dask",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "3.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Dem0 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in dask up to 3.0. Affected by this issue is the function nunique_approx of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption. The attack is possible to be carried out remotely. A high degree of complexity is needed for the attack. The exploitation is known to be difficult. The pull request to fix this issue awaits acceptance."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.1,
"vectorString": "AV:N/AC:H/Au:S/C:N/I:N/A:P/E:ND/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "Denial of Service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-03T01:15:10.343Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-368018 | dask HLL hyperloglog.py nunique_approx resource consumption",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/368018"
},
{
"name": "VDB-368018 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/368018/cti"
},
{
"name": "CVE-2026-10705 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-10705"
},
{
"name": "Submit #831411 | dask 2026.3.0 Algorithmic Complexity / Hash Collision / Denial of Service",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/831411"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/dask/dask/issues/12403"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://github.com/dask/dask/pull/12401"
},
{
"tags": [
"product"
],
"url": "https://github.com/dask/dask/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-02T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-02T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-02T19:51:54.000Z",
"value": "VulDB entry last update"
}
],
"title": "dask HLL hyperloglog.py nunique_approx resource consumption"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-10705",
"datePublished": "2026-06-03T01:15:10.343Z",
"dateReserved": "2026-06-02T17:46:25.630Z",
"dateUpdated": "2026-06-03T14:11:44.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-10802 (GCVE-0-2026-10802)
Vulnerability from cvelistv5 – Published: 2026-06-04 11:15 – Updated: 2026-06-04 12:31
VLAI
Title
keystonejs keystone GraphQL API Endpoint output-field.ts resource consumption
Summary
A vulnerability was detected in keystonejs keystone up to 20260319. This vulnerability affects unknown code in the library packages/core/src/lib/core/queries/output-field.ts of the component GraphQL API Endpoint. The manipulation results in resource consumption. It is possible to launch the attack remotely. The exploit is now public and may be used. The pull request to fix this issue awaits acceptance.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://vuldb.com/vuln/368251 | vdb-entry |
| https://vuldb.com/vuln/368251/cti | signaturepermissions-required |
| https://vuldb.com/cve/CVE-2026-10802 | third-party-advisory |
| https://vuldb.com/submit/831461 | third-party-advisory |
| https://github.com/keystonejs/keystone/issues/9789 | issue-tracking |
| https://github.com/keystonejs/keystone/pull/9831 | issue-trackingpatch |
| https://gist.github.com/nedlir/043127566507677284… | exploit |
| https://github.com/keystonejs/keystone/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| keystonejs | keystone |
Affected:
20260319
cpe:2.3:a:keystonejs:keystone:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10802",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-04T12:31:14.916360Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T12:31:20.535Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:keystonejs:keystone:*:*:*:*:*:*:*:*"
],
"modules": [
"GraphQL API Endpoint"
],
"product": "keystone",
"vendor": "keystonejs",
"versions": [
{
"status": "affected",
"version": "20260319"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "nedlir (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in keystonejs keystone up to 20260319. This vulnerability affects unknown code in the library packages/core/src/lib/core/queries/output-field.ts of the component GraphQL API Endpoint. The manipulation results in resource consumption. It is possible to launch the attack remotely. The exploit is now public and may be used. The pull request to fix this issue awaits acceptance."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "Denial of Service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-04T11:15:10.397Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-368251 | keystonejs keystone GraphQL API Endpoint output-field.ts resource consumption",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/vuln/368251"
},
{
"name": "VDB-368251 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/368251/cti"
},
{
"name": "CVE-2026-10802 | CVE Analysis and Report",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/cve/CVE-2026-10802"
},
{
"name": "Submit #831461 | Keystone KeystoneJS 2026-03-19 Denial of Service",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/831461"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/keystonejs/keystone/issues/9789"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://github.com/keystonejs/keystone/pull/9831"
},
{
"tags": [
"exploit"
],
"url": "https://gist.github.com/nedlir/0431275665076772844ebfe5167e54f6"
},
{
"tags": [
"product"
],
"url": "https://github.com/keystonejs/keystone/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-06-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-06-04T07:07:34.000Z",
"value": "VulDB entry last update"
}
],
"title": "keystonejs keystone GraphQL API Endpoint output-field.ts resource consumption"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-10802",
"datePublished": "2026-06-04T11:15:10.397Z",
"dateReserved": "2026-06-04T05:02:30.479Z",
"dateUpdated": "2026-06-04T12:31:20.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Phase: Architecture and Design
Description:
- Design throttling mechanisms into the system architecture. The best protection is to limit the amount of resources that an unauthorized user can cause to be expended. A strong authentication and access control model will help prevent such attacks from occurring in the first place. The login application should be protected against DoS attacks as much as possible. Limiting the database access, perhaps by caching result sets, can help minimize the resources expended. To further limit the potential for a DoS attack, consider tracking the rate of requests received from users and blocking requests that exceed a defined rate threshold.
Mitigation
Phase: Architecture and Design
Description:
- Mitigation of resource exhaustion attacks requires that the target system either:
- The first of these solutions is an issue in itself though, since it may allow attackers to prevent the use of the system by a particular valid user. If the attacker impersonates the valid user, they may be able to prevent the user from accessing the server in question.
- The second solution is simply difficult to effectively institute -- and even when properly done, it does not provide a full solution. It simply makes the attack require more resources on the part of the attacker.
- recognizes the attack and denies that user further access for a given amount of time, or
- uniformly throttles all requests in order to make it more difficult to consume resources more quickly than they can again be freed.
Mitigation
Phase: Architecture and Design
Description:
- Ensure that protocols have specific limits of scale placed on them.
Mitigation
Phase: Implementation
Description:
- Ensure that all failures in resource allocation place the system into a safe posture.
CAPEC-147: XML Ping of the Death
An attacker initiates a resource depletion attack where a large number of small XML messages are delivered at a sufficiently rapid rate to cause a denial of service or crash of the target. Transactions such as repetitive SOAP transactions can deplete resources faster than a simple flooding attack because of the additional resources used by the SOAP protocol and the resources necessary to process SOAP messages. The transactions used are immaterial as long as they cause resource utilization on the target. In other words, this is a normal flooding attack augmented by using messages that will require extra processing on the target.
CAPEC-227: Sustained Client Engagement
An adversary attempts to deny legitimate users access to a resource by continually engaging a specific resource in an attempt to keep the resource tied up as long as possible. The adversary's primary goal is not to crash or flood the target, which would alert defenders; rather it is to repeatedly perform actions or abuse algorithmic flaws such that a given resource is tied up and not available to a legitimate user. By carefully crafting a requests that keep the resource engaged through what is seemingly benign requests, legitimate users are limited or completely denied access to the resource.
CAPEC-492: Regular Expression Exponential Blowup
An adversary may execute an attack on a program that uses a poor Regular Expression(Regex) implementation by choosing input that results in an extreme situation for the Regex. A typical extreme situation operates at exponential time compared to the input size. This is due to most implementations using a Nondeterministic Finite Automaton(NFA) state machine to be built by the Regex algorithm since NFA allows backtracking and thus more complex regular expressions.