| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-33871 | Netty HTTP/2 CONTINUATION Frame Flood DoS via Zero-Byte Frame Bypass | netty | netty | 高危 | - | 2026-03-27 19:55:23 | Deep Dive |
| CVE-2026-33870 | Netty: HTTP Request Smuggling via Chunked Extension Quoted-String Parsing | netty | netty | High | 7.5 | 2026-03-27 19:54:16 | Deep Dive |
| CVE-2025-67735 | Netty has a CRLF Injection vulnerability in io.netty.handler.codec.http.HttpRequestEncoder | netty | netty | Medium | 6.5 | 2025-12-16 00:19:11 | Deep Dive |
| CVE-2025-11253 | SQLi in Aksis Technologies' Netty ERP | Aksis Technology Inc. | Netty ERP | Critical | 9.8 | 2025-10-24 08:32:39 | Deep Dive |
| CVE-2025-59419 | Netty netty-codec-smtp SMTP Command Injection Vulnerability Allowing Email Forgery | netty | netty | 中危 | - | 2025-10-15 15:42:31 | Deep Dive |
| CVE-2025-58057 | Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack | netty | netty | - | - | 2025-09-03 21:46:50 | Deep Dive |
| CVE-2025-58056 | Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions | netty | netty | - | - | 2025-09-03 20:56:51 | Deep Dive |
| CVE-2025-55163 | Netty MadeYouReset HTTP/2 DDoS Vulnerability | netty | netty | - | - | 2025-08-13 14:17:36 | Deep Dive |
| CVE-2025-22227 | CVE-2025-22227: Authentication Leak On Redirect With Reactor Netty HTTP Client | VMware | Reactor Netty | Medium | 6.1 | 2025-07-16 09:31:15 | Deep Dive |
| CVE-2025-29908 | Netty QUIC hash collision DoS attack | netty | netty-incubator-codec-quic | Medium | 5.3 | 2025-03-31 18:43:44 | Deep Dive |
| CVE-2025-25193 | Denial of Service attack on windows app using Netty | netty | netty | Medium | 5.5 | 2025-02-10 22:02:17 | Deep Dive |
| CVE-2025-24970 | SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine | netty | netty | High | 7.5 | 2025-02-10 21:57:29 | Deep Dive |
| CVE-2024-47535 | Denial of Service attack on windows app using Netty | netty | netty | Medium | 5.5 | 2024-11-12 15:50:08 | Deep Dive |
| CVE-2024-40642 | Absent Input Validation in BinaryHttpParser in the netty incubator codec.bhttp | netty | netty-incubator-codec-ohttp | High | 8.1 | 2024-07-18 22:21:58 | Deep Dive |
| CVE-2024-36121 | netty-incubator-codec-ohttp's BoringSSLAEADContext Repeats Nonces | netty | netty-incubator-codec-ohttp | Medium | 5.9 | 2024-06-04 21:13:34 | Deep Dive |
| CVE-2024-29025 | Netty HttpPostRequestDecoder can OOM | netty | netty | Medium | 5.3 | 2024-03-25 20:09:35 | Deep Dive |
| CVE-2023-34054 | Reactor Netty HTTP Server Metrics DoS Vulnerability | Spring | Reactor Netty | Medium | 5.3 | 2023-11-28 08:16:14 | Deep Dive |
| CVE-2023-34062 | VMware Reactor Netty 路径遍历漏洞 | - | Reactor Netty | High | 7.5 | 2023-11-15 09:46:43 | Deep Dive |
| CVE-2023-34462 | netty-handler SniHandler 16MB allocation | netty | netty | Medium | 6.5 | 2023-06-22 23:00:12 | Deep Dive |
| CVE-2022-41915 | Netty 安全漏洞 | netty | netty | Medium | 6.5 | 2022-12-13 00:00:00 | Deep Dive |