CVE-2026-46378
Dasel is a command-line tool and library for querying, modifying, and transforming data structures. From 3.0.0 until 3.10.1, the selector le
CVSS
6.2
Medio
EPSS
—
KEV
—
Exploit Today
—
0-100
Publicado: 16 jul 2026 · Última mod.: 16 jul 2026 · CWE-835
Sin historial EPSS suficiente todavía.
Dasel is a command-line tool and library for querying, modifying, and transforming data structures. From 3.0.0 until 3.10.1, the selector lexer matchRegexPattern closure in (*Tokenizer).parseCurRune in selector/lexer/tokenize.go loops while tokenizing an unterminated regex literal such as r/ because peekRuneEqual returns false after the end of input, allowing attacker-controlled selector strings to consume CPU indefinitely. This issue is fixed in version 3.10.1.
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2026-48907.5 ALT93.6%
——28A Denial of Service (DoS) vulnerability in the DNSSEC validation of dnsmasq allows remote attackers to cause a denial of service via a crafted DNS packet.2dCVE-2026-428997.5 ALT82.4%
——25Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service over a network.2dCVE-2026-331167.5 ALT80.0%
——24Loop with unreachable exit condition ('infinite loop') in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network.2dCVE-2026-465227.5 ALT76.7%
——23ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2.23 and 6.9.13-48, due to a missing check in the MIFF decoder, a crafted file could cause an infinite loop resulting in CPU exhaustion. Versions 7.1.2.23 and 6.9.13-48 fix the issue.2dCVE-2023-301887.5 ALT73.3%
——22Memory Exhaustion vulnerability in ONLYOFFICE Document Server 4.0.3 through 7.3.2 allows remote attackers to cause a denial of service via crafted JavaScript file.8dCVE-2022-233527.5 ALT72.6%
——22An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS).8d