CVSS: 3.7EPSS: 0%CPEs: 1EXPL: 0CVE-2026-24883 – openSUSE Security Advisory - openSUSE-SU-2026:10112-1
https://notcve.org/view.php?id=CVE-2026-24883
27 Jan 2026 — In GnuPG before 2.5.17, a long signature packet length causes parse_signature to return success with sig->data[] set to a NULL value, leading to a denial of service (application crash). • https://dev.gnupg.org/T8049 • CWE-476: NULL Pointer Dereference •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2026-24881 – openSUSE Security Advisory - openSUSE-SU-2026:10112-1
https://notcve.org/view.php?id=CVE-2026-24881
27 Jan 2026 — This can easily be leveraged for denial of service; however, there is also memory corruption that could lead to remote code execution. • https://dev.gnupg.org/T8044 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-33234
https://notcve.org/view.php?id=CVE-2025-33234
27 Jan 2026 — A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. • https://nvd.nist.gov/vuln/detail/CVE-2025-33234 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2026-1315 – Unauthenticated Denial of Service via Firmware Update Endpoint on TP-Link Tapo C220 & C520WS
https://notcve.org/view.php?id=CVE-2026-1315
27 Jan 2026 — An unauthenticated attacker can trigger a persistent denial of service, requiring a manual reboot or application initiated restart to restore normal device operation. ... An unauthenticated attacker can trigger a persistent denial of service, requiring a manual reboot or application initiated restart to restore normal device operation. • https://www.tp-link.com/en/support/download/tapo-c220/v1 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2026-0919 – Unauthenticated Denial of Service via Oversized URL in HTTP Parser on TP-Link Tapo C220 & C520WS
https://notcve.org/view.php?id=CVE-2026-0919
27 Jan 2026 — An invalid‑URL error path continues into cleanup code that assumes allocated buffers exist, leading to a crash and service restart. An invalid‑URL error path continues into cleanup code that assumes allocated buffers exist, leading to a crash and service restart. An unauthenticated attacker can force repeated service crashes or device reboots, causing denial of service. An unauthenticated attacker can force repeated service crashes or device reboots, causing ... • https://www.tp-link.com/en/support/download/tapo-c220/v1 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2026-0918 – Null Pointer Dereference in Tapo SmartCam HTTP Service on TP-Link Tapo C220 & C520WS
https://notcve.org/view.php?id=CVE-2026-0918
27 Jan 2026 — The Tapo C220 v1 and C520WS v2 cameras’ HTTP service does not safely handle POST requests containing an excessively large Content-Length header. The resulting failed memory allocation triggers a NULL pointer dereference, causing the main service process to crash. The resulting failed memory allocation triggers a NULL pointer dereference, causing the main service process to crash. An unauthenticated attacker can repeatedly crash the service, causing temporary denial of
CVSS: 7.7EPSS: 0%CPEs: 2EXPL: 0CVE-2026-23881 – Kyverno Denial of Service via Context Variable Amplification in Policy Engine
https://notcve.org/view.php?id=CVE-2026-23881
27 Jan 2026 — Versions prior to 1.16.3 and 1.15.3 have unbounded memory consumption in Kyverno's policy engine that allows users with policy creation privileges to cause denial of service by crafting policies that exponentially amplify string data through context variables. • https://github.com/kyverno/kyverno/commit/7a651be3a8c78dcabfbf4178b8d89026bf3b850f • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2026-24831 – Infinite loop (DoS) in ixray-1.6-stcop
https://notcve.org/view.php?id=CVE-2026-24831
27 Jan 2026 — Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3. • https://github.com/ixray-team/ixray-1.6-stcop/pull/248 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2026-0648
https://notcve.org/view.php?id=CVE-2026-0648
27 Jan 2026 — This vulnerability poses significant risks, including potential denial-of-service attacks (via repeated calls to exhaust the counter pool) and unauthorized memory access. ... This vulnerability poses significant risks, including potential denial-of-service attacks (via repeated calls to exhaust the counter pool) and unauthorized memory access. • https://github.com/eclipse-threadx/threadx/security/advisories/GHSA-xj75-fc68-h4rw • CWE-253: Incorrect Check of Function Return Value •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-55102 – Unauthenticated RCE in React and Next.js
https://notcve.org/view.php?id=CVE-2025-55102
27 Jan 2026 — A denial-of-service vulnerability exists in the NetX IPv6 component functionality of Eclipse ThreadX NetX Duo. A specially crafted network packet of "Packet Too Big" with more than 15 different source address can lead to denial of service. • https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-f3rx-xrwm-q2rf • CWE-400: Uncontrolled Resource Consumption CWE-404: Improper Resource Shutdown or Release CWE-770: Allocation of Resources Without Limits or Throttling •