CVE-2026-0128
In RtcpFbPacket::decodeRtcpFbPacket, there is a possible out of bounds read due to an integer overflow. This could lead to remote informatio
CVSS
6.5
Medio
EPSS
0.2%
p8
KEV
—
Exploit Today
2
0-100
Publicado: 16 jun 2026 · Última mod.: 6 jul 2026 · CWE-190 · CWE-125
0.2%EPSS · 30 días0.2%
2026-06-302026-07-17
In RtcpFbPacket::decodeRtcpFbPacket, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2020-292387.5 ALT96.6%
——29An integer buffer overflow in the Nginx webserver of ExpressVPN Router version 1 allows remote attackers to obtain sensitive information when the server running as reverse proxy via specially crafted request.9dCVE-2026-48915.3 MED92.7%
——28A heap-based out-of-bounds read vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.3dCVE-2022-250627.5 ALT87.8%
——26TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.9dCVE-2022-274067.5 ALT87.5%
——26FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size.9dCVE-2023-458539.8 CRÍ86.6%
——26MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API.4dCVE-2022-274057.5 ALT85.0%
——25FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request.9d