CVE-2026-50370
Heap-based buffer overflow in Windows DHCP Server allows an unauthorized attacker to execute code over an adjacent network.
CVSS
8.8
High
EPSS
0.5%
p40
KEV
—
Exploit Today
12
0-100
Published: Jul 14, 2026 · Last modified: Jul 15, 2026 · CWE-20 · CWE-122
0.5%EPSS · 30 days0.5%
2026-07-152026-07-17
Heap-based buffer overflow in Windows DHCP Server allows an unauthorized attacker to execute code over an adjacent network.
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2026-341978.8 HIG99.9%
KEV—80Apache ActiveMQ Improper Input Validation Vulnerability3dCVE-2026-125699.8 CRI66.0%
KEV—70PTC Windchill and FlexPLM Improper Input Validation Vulnerability18dCVE-2026-429458.1 HIG99.1%
——30NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression (PCRE) capture (for example, $1, $2) with a replacement string that includes a question mark (?). An unauthenticated attacker along with conditions beyond its control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, attackers can execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.3dCVE-2026-276548.2 HIG97.4%
——29NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names outside the document root. This issue affects NGINX Open Source and NGINX Plus when the configuration file uses DAV module MOVE or COPY methods, prefix location (nonregular expression location configuration), and alias directives. The integrity impact is constrained because the NGINX worker process user has low privileges and does not have access to the entire system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.3dCVE-2025-607877.2 HIG97.0%
——29MotionEye v0.43.1b4 and before is vulnerable to OS Command Injection in configuration parameters such as image_file_name. Unsanitized user input is written to Motion configuration files, allowing remote authenticated attackers with admin access to achieve code execution when Motion is restarted.13dCVE-2017-149197.5 HIG94.3%
——28Node.js before 4.8.5, 6.x before 6.11.5, and 8.x before 8.8.0 allows remote attackers to cause a denial of service (uncaught exception and crash) by leveraging a change in the zlib module 1.2.9 making 8 an invalid value for the windowBits parameter.4d