Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2026-33600
An RPZ sent by a malicious authoritative server can result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service.
CVSS Score
4.4
EPSS Score
0.0
Published
2026-04-22
CVE-2026-33601
If you use the zoneToCache function with a malicious authoritative server, an attacker can send a zone that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service.
CVSS Score
4.4
EPSS Score
0.0
Published
2026-04-22
CVE-2026-33256
An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-04-22
CVE-2026-33257
An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-04-22
CVE-2026-33258
By publishing and querying a crafted zone an attacker can cause allocation of large entries in the negative and aggressive NSEC(3) caches.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-04-22
CVE-2026-33259
Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur with a malfunctioning RPZ provider.
CVSS Score
5.0
EPSS Score
0.0
Published
2026-04-22
CVE-2026-33260
An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-04-22
CVE-2026-33261
A zone transition from NSEC to NSEC3 might trigger an internal inconsistency and cause a denial of service.
CVSS Score
5.9
EPSS Score
0.0
Published
2026-04-22
CVE-2026-33262
An attacker can send replies that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service. Cookies are disabled by default.
CVSS Score
5.9
EPSS Score
0.0
Published
2026-04-22
CVE-2026-6839
Improper validation of STRING tensor offsets could allows malformed string metadata to trigger out of bounds access during constant tensor import in Samsung Open Source ONE Affected version is prior to commit 1.30.0.
CVSS Score
6.6
EPSS Score
0.0
Published
2026-04-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved