Browse all 6 CVE security advisories affecting maximmasiutin. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Maximmasiutin develops security-focused software with a core use case in vulnerability assessment and penetration testing tools. Historically, associated vulnerabilities commonly include remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from input validation failures and insecure design patterns. The project maintains a moderate CVE count with six records to date, primarily affecting its web interfaces and API endpoints. No major security incidents have been widely documented, though the consistent appearance of similar vulnerability classes suggests ongoing challenges in secure coding practices. The project remains relevant in security research circles for its practical utility despite these recurring issues.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-29046 | TinyWeb: HTTP Header Control Character Injection into CGI Environment — TinyWebCWE-114 | 7.5 | - | 2026-03-06 |
| CVE-2026-28497 | TinyWeb: Integer Overflow in `_Val` (HTTP Request Smuggling) — TinyWebCWE-190 | 6.5 | - | 2026-03-06 |
| CVE-2026-27633 | TinyWeb has Unbounded Content-Length Memory Exhaustion (DoS) — TinyWebCWE-400 | 7.5AI | HighAI | 2026-02-25 |
| CVE-2026-27630 | TinyWeb vulnerable to Remote Denial of Service via Thread/Connection Exhaustion (Slowloris) — TinyWebCWE-400 | 7.5AI | HighAI | 2026-02-25 |
| CVE-2026-27613 | CGI Parameter Injection (Bypass of STRICT_CGI_PARAMS and EscapeShellParam) — TinyWebCWE-78 | 9.8AI | CriticalAI | 2026-02-25 |
| CVE-2026-22781 | TinyWeb CGI Command Injection — TinyWebCWE-78 | 9.8AI | CriticalAI | 2026-01-12 |
This page lists every published CVE security advisory associated with maximmasiutin. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.