Known Vulnerabilities for Plug by Elixir-plug
Listed below are 10 of the newest known vulnerabilities associated with "Plug" by "Elixir-plug".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-59089 json | A flaw was found in GIMP. The PlayStation TIM loader, responsible for handling PlayStation image files, incorrectly calculate... | Not Provided | 2026-07-06 | 2026-07-06 |
| CVE-2026-58547 json | Heap-based buffer overflow in Universal Plug and Play (upnp.dll) allows an authorized attacker to elevate privileges locally. | Not Provided | 2026-07-14 | 2026-07-15 |
| CVE-2026-56814 json | Plug.Parsers.MULTIPART, the multipart request-body parser used to handle file uploads and multipart forms, does not enforce i... | Not Provided | 2026-07-10 | 2026-07-10 |
| CVE-2026-56813 json | Improper Neutralization of Parameter/Argument Delimiters vulnerability in elixir-plug plug allows an attacker to inject or ov... | Not Provided | 2026-07-10 | 2026-07-10 |
| CVE-2026-54892 json | Inefficient algorithmic complexity in Plug's nested-parameter decoder allows an unauthenticated remote attacker to cause deni... | Not Provided | 2026-06-23 | 2026-06-23 |
| CVE-2026-53135 json | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL deref and buffer over-read in ... | Not Provided | 2026-06-25 | 2026-06-25 |
| CVE-2026-50455 json | Use of uninitialized resource in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information loc... | Not Provided | 2026-07-14 | 2026-07-15 |
| CVE-2026-49180 json | Improper link resolution before file access ('link following') in Universal Plug and Play (upnp.dll) allows an authorized att... | Not Provided | 2026-07-14 | 2026-07-14 |
| CVE-2026-45635 json | Access of resource using incompatible type ('type confusion') in Universal Plug and Play (upnp.dll) allows an unauthorized at... | Not Provided | 2026-06-09 | 2026-07-08 |
| CVE-2026-45599 json | Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network. | Not Provided | 2026-06-09 | 2026-06-10 |