CVEs classified under CWE-1050, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2026-4634 — CVSS 7.5 (high): A flaw was found in Keycloak. An unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with…
CVE-2025-67419 — CVSS 7.5 (high): A Denial of Service (DoS) vulnerability in evershop 2.1.0 and prior allows unauthenticated attackers to exhaust the application server's…
CVE-2025-48866 — CVSS 7.5 (high): ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. Versions prior to 2.9.10…
CVE-2025-47947 — CVSS 7.5 (high): ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. Versions up to and including…
CVE-2024-4068 — CVSS 7.5 (high): The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory…
CVE-2023-1390 — CVSS 7.5 (high): A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an…
CVE-2021-41039 — CVSS 7.5 (high): In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause…
CVE-2019-11254 — CVSS 6.5 (medium): The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who…
CVE-2026-22263 — CVSS 5.3 (medium): Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and prior to version 8.0.3, inefficiency in http1 headers parsing…
CVE-2025-32907 — CVSS 5.3 (medium): A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. This flaw allows a…
CVE-2026-22261 — CVSS 3.7 (low): Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, various inefficiencies in xff handling, especially for…