CVE-2026-20031— ClamAV CSS Image Parsing Error Handling Denial of Service Vulnerability
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-20031
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ClamAV CSS Image Parsing Error Handling Denial of Service Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in the HTML Cascading Style Sheets (CSS) module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit this vulnerability by submitting a crafted HTML file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the scanning process.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
未捕获的异常
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco Secure Endpoint 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco Secure Endpoint(Cisco AMP for Endpoints)是美国思科(Cisco)公司的一套集成了静态和动态恶意软件分析以及威胁情报于一体的终端应用程序。 Cisco Secure Endpoint存在安全漏洞,该漏洞源于拆分UTF-8字符串时错误处理不当,可能导致未经身份验证的远程攻击者终止扫描进程,引发拒绝服务。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Cisco | Cisco Secure Endpoint | 7.0.5 | - |
II. Public POCs for CVE-2026-20031
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-20031
请登录查看更多情报信息。
Same Patch Batch · Cisco · 2026-03-04 · 50 CVEs total
| CVE-2026-20131 | 10.0 CRITICAL | Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability |
| CVE-2026-20079 | 10.0 CRITICAL | Cisco Secure Firewall Management Center 安全漏洞 |
| CVE-2026-20103 | 8.6 HIGH | Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure Firewall Threat Defense 安全漏 |
| CVE-2026-20101 | 8.6 HIGH | Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure FTD Software 安全特征问题漏洞 |
| CVE-2026-20039 | 8.6 HIGH | Cisco Adaptive Security Appliance and Firepower Threat Defense Software SSL VPN Authentica |
| CVE-2026-20082 | 8.6 HIGH | Cisco Secure Firewall Adaptive Security Appliance 安全漏洞 |
| CVE-2026-20002 | 8.1 HIGH | Cisco Secure Firewall Management Center SQL注入漏洞 |
| CVE-2026-20049 | 7.7 HIGH | Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure Firewall Threat Defense 安全漏 |
| CVE-2026-20014 | 7.7 HIGH | Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure Firewall Threat Defense 安全漏 |
| CVE-2026-20105 | 7.7 HIGH | Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure Firewall Threat Defense 安全漏 |
| CVE-2026-20100 | 7.7 HIGH | Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure Firewall Threat Defense 安全漏 |
| CVE-2026-20062 | 7.2 HIGH | Cisco Secure Firewall Adaptive Security Appliance 安全漏洞 |
| CVE-2026-20025 | 6.8 MEDIUM | Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure Firewall Threat Defense 输入验 |
| CVE-2026-20024 | 6.8 MEDIUM | Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure Firewall Threat Defense 缓冲区 |
| CVE-2026-20050 | 6.8 MEDIUM | Cisco Secure Firewall Threat Defense Decryption Policy Denial of Service Vulnerability |
| CVE-2026-20020 | 6.8 MEDIUM | Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure Firewall Threat Defense 输入验 |
| CVE-2026-20064 | 6.5 MEDIUM | Cisco Secure Firewall Threat Defense 代码问题漏洞 |
| CVE-2026-20001 | 6.5 MEDIUM | Cisco Secure Firewall Management Center Software SQL Injection Vulnerabilities |
| CVE-2026-20102 | 6.1 MEDIUM | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Softw |
| CVE-2026-20149 | 6.1 MEDIUM | Cisco Webex 跨站脚本漏洞 |
Showing top 20 of 50 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: Cisco
- CVE-2026-20219
Cisco Slido 安全漏洞 - CVE-2026-20034
Cisco Unity Connection Remote Code Execution Vulnerability - CVE-2026-20035
Cisco Unity Connection Server-Side Request Forgery Vulnerabi - CVE-2026-20167
Cisco IoT Field Network Director Remote Device Denial of Ser - CVE-2026-20169
Cisco IoT Field Network Director Command Injection Vulnerabi
Same weakness: CWE-248
- CVE-2026-41585
ZEBRA: Denial of Service via Interrupted JSON-RPC Requests f - CVE-2026-7183
aligungr UERANSIM Radio Link Simulation Layer rls_pdu.cpp De - CVE-2026-5937
Foxit PDF Editor/Reader's insufficient parameter validation - CVE-2026-35348
uutils coreutils sort Local Denial of Service via Forced UTF - CVE-2026-34944
Wasmtime segfault or unused out-of-sandbox load with `f64x2.
V. Comments for CVE-2026-20031
No comments yet