Every CVE whose affected-product data names Gnu Libmicrohttpd, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2021-3466 — CVSS 9.8 (critical): A flaw was found in libmicrohttpd. A missing bounds check in the post_process_urlencoded function leads to a buffer overflow, allowing a…
CVE-2025-59777 — CVSS 7.5 (high): NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the…
CVE-2025-62689 — CVSS 7.5 (high): NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the…
CVE-2013-7038 — CVSS 6.4 (medium): The MHD_http_unescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a…
CVE-2023-27371 — CVSS 5.9 (medium): GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the…
CVE-2013-7039 — CVSS 5.1 (medium): Stack-based buffer overflow in the MHD_digest_auth_check function in libmicrohttpd before 0.9.32, when MHD_OPTION_CONNECTION_MEMORY_LIMIT…