Vinyl-cache Vinyl Cache — known CVE vulnerabilities
Every CVE whose affected-product data names Vinyl-cache Vinyl Cache, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2026-34475 — CVSS 5.4 (medium): Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of /…
CVE-2026-40394 — CVSS 4.0 (medium): Varnish Cache 9 before 9.0.1 and Varnish Enterprise before 6.0.16r11 allows a "workspace overflow" denial of service (daemon panic) for…
CVE-2026-40396 — CVSS 4.0 (medium): Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service (daemon panic) after timeout_linger. A malicious client could…