Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-21619

Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hex_core (hex_api modules), hexpm hex (mix_hex_api modules), erlang rebar3 (r3_hex_api modules) allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hex_api.erl, src/mix_hex_api.erl, apps/rebar/src/vendored/r3_hex_api.erl and program routines hex_core:request/4, mix_hex_api:request/4, r3_hex_api:request/4. This issue affects hex_core: from 0.1.0 before 0.12.1; hex: from 2.3.0 before 2.3.2; rebar3: from 3.9.1 before 3.27.0.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.3%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2026-21619
  • Erlang » Rebar3 » Version: 3.10.0
    cpe:2.3:a:erlang:rebar3:3.10.0
  • Erlang » Rebar3 » Version: 3.11.0
    cpe:2.3:a:erlang:rebar3:3.11.0
  • Erlang » Rebar3 » Version: 3.11.1
    cpe:2.3:a:erlang:rebar3:3.11.1
  • Erlang » Rebar3 » Version: 3.12.0
    cpe:2.3:a:erlang:rebar3:3.12.0
  • Erlang » Rebar3 » Version: 3.13.0
    cpe:2.3:a:erlang:rebar3:3.13.0
  • Erlang » Rebar3 » Version: 3.13.1
    cpe:2.3:a:erlang:rebar3:3.13.1
  • Erlang » Rebar3 » Version: 3.13.2
    cpe:2.3:a:erlang:rebar3:3.13.2
  • Erlang » Rebar3 » Version: 3.14.0
    cpe:2.3:a:erlang:rebar3:3.14.0
  • Erlang » Rebar3 » Version: 3.14.1
    cpe:2.3:a:erlang:rebar3:3.14.1
  • Erlang » Rebar3 » Version: 3.9.1
    cpe:2.3:a:erlang:rebar3:3.9.1
  • Hex » Hex » Version: Any
    cpe:2.3:a:hex:hex:*
  • Hex » Hex Core » Version: 0.1.0
    cpe:2.3:a:hex:hex_core:0.1.0
  • Hex » Hex Core » Version: 0.1.1
    cpe:2.3:a:hex:hex_core:0.1.1
  • Hex » Hex Core » Version: 0.2.0
    cpe:2.3:a:hex:hex_core:0.2.0
  • Hex » Hex Core » Version: 0.2.1
    cpe:2.3:a:hex:hex_core:0.2.1
  • Hex » Hex Core » Version: 0.3.0
    cpe:2.3:a:hex:hex_core:0.3.0
  • Hex » Hex Core » Version: 0.4.0
    cpe:2.3:a:hex:hex_core:0.4.0
  • Hex » Hex Core » Version: 0.5.0
    cpe:2.3:a:hex:hex_core:0.5.0
  • Hex » Hex Core » Version: 0.5.1
    cpe:2.3:a:hex:hex_core:0.5.1
  • Hex » Hex Core » Version: 0.6.0
    cpe:2.3:a:hex:hex_core:0.6.0
  • Hex » Hex Core » Version: 0.6.1
    cpe:2.3:a:hex:hex_core:0.6.1
  • Hex » Hex Core » Version: 0.6.2
    cpe:2.3:a:hex:hex_core:0.6.2
  • Hex » Hex Core » Version: 0.6.3
    cpe:2.3:a:hex:hex_core:0.6.3
  • Hex » Hex Core » Version: 0.6.4
    cpe:2.3:a:hex:hex_core:0.6.4
  • Hex » Hex Core » Version: 0.6.5
    cpe:2.3:a:hex:hex_core:0.6.5
  • Hex » Hex Core » Version: 0.6.6
    cpe:2.3:a:hex:hex_core:0.6.6
  • Hex » Hex Core » Version: 0.6.7
    cpe:2.3:a:hex:hex_core:0.6.7
  • Hex » Hex Core » Version: 0.6.8
    cpe:2.3:a:hex:hex_core:0.6.8
  • Hex » Hex Core » Version: 0.6.9
    cpe:2.3:a:hex:hex_core:0.6.9
  • Hex » Hex Core » Version: 0.7.0
    cpe:2.3:a:hex:hex_core:0.7.0
  • Hex » Hex Core » Version: 0.7.1
    cpe:2.3:a:hex:hex_core:0.7.1
  • Hex » Hex Core » Version: 0.8.0
    cpe:2.3:a:hex:hex_core:0.8.0
  • Hex » Hex Core » Version: 0.8.1
    cpe:2.3:a:hex:hex_core:0.8.1
  • Hex » Hex Core » Version: 0.8.2
    cpe:2.3:a:hex:hex_core:0.8.2


Products
Pricing
Contact Us

Shodan ® - All rights reserved