Browse all 4 CVE security advisories affecting pendulum-project. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Pendulum-project is a distributed task execution framework designed for parallel processing of computational workloads. Historically, it has been susceptible to remote code execution vulnerabilities due to unsafe deserialization and command injection flaws, along with cross-site scripting issues in web interfaces. Privilege escalation vulnerabilities have also been identified in its permission management system. The project maintains four CVE records, primarily focusing on RCE and XSS weaknesses. While no major public security incidents have been documented, the consistent pattern of vulnerabilities in input validation and access control suggests potential risks in production environments requiring strict hardening measures.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-26076 | ntpd-rs affected by excessive CPU load from malformed packets — ntpd-rsCWE-770 | 5.3AI | MediumAI | 2026-02-12 |
| CVE-2025-58066 | DoS Vulnerability in ntpd-rs — ntpd-rsCWE-406 | 5.3 | Medium | 2025-08-29 |
| CVE-2024-38528 | Unlimited number of NTS-KE connections can crash ntpd-rs server — ntpd-rsCWE-770 | 7.5 | High | 2024-06-28 |
| CVE-2023-33192 | Improper handling of NTS cookie length that could crash the ntpd-rs server — ntpd-rsCWE-130 | 7.5 | High | 2023-05-27 |
This page lists every published CVE security advisory associated with pendulum-project. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.