Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2026-47835
In Spring AI Vector Stores, special characters could be used to force the execution of arbitrary queries in Elasticsearch, OpenSearch, and GemFire VectorDB. Affected components: spring-ai-elasticsearch-store, spring-ai-opensearch-store, spring-ai-gemfire-store. Affected versions: Spring AI 1.0.0 through 1.0.x (fix 1.0.9). Spring AI 1.1.0 through 1.1.x (fix 1.1.8).
CVSS Score
8.6
EPSS Score
0.004
Published
2026-06-15
CVE-2026-41708
In Spring Cloud Sleuth, it is possible for a user to provide specially crafted calls that may cause a denial-of-service (DoS) condition. The application is vulnerable when it uses a vulnerable version of org.springframework.cloud:spring-cloud-sleuth-instrumentation and Spring TX instrumentation is not disabled. Affected versions: Spring Cloud Sleuth 3.1.0 through 3.1.13.
CVSS Score
7.5
EPSS Score
0.005
Published
2026-06-15
CVE-2026-30120
remotion-dev remotion v4.0.409 was discovered to contain a remote code execution (RCE) vulnerability.
CVSS Score
9.8
EPSS Score
0.008
Published
2026-06-15
CVE-2026-30121
remotion-dev remotion v4.0.409 was discovered to contain an arbitrary file write vulnerability.
CVSS Score
9.1
EPSS Score
0.003
Published
2026-06-15
CVE-2025-55650
A heap use-after-free in the gf_node_get_tag function (scenegraph/base_scenegraph.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVSS Score
5.5
EPSS Score
0.002
Published
2026-06-15
CVE-2025-55652
A heap buffer overflow in the gf_isom_vp_config_new function (isomedia/avc_ext.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVSS Score
5.5
EPSS Score
0.002
Published
2026-06-15
CVE-2025-55660
A stack overflow in the gf_opus_read_length function (media_tools/av_parsers.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVSS Score
5.5
EPSS Score
0.002
Published
2026-06-15
CVE-2025-55661
A heap buffer overflow in the Opus audio stream parser component of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVSS Score
5.5
EPSS Score
0.002
Published
2026-06-15
CVE-2025-55663
A segmentation violation in the Track_SetStreamDescriptor function (isomedia/track.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
CVSS Score
5.5
EPSS Score
0.002
Published
2026-06-15
CVE-2025-55642
GPAC MP4Box v2.4 was discovered to contain a floating point exception in the avidmx_process function (isomedia/isom_write.c).
CVSS Score
6.5
EPSS Score
0.005
Published
2026-06-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved