CVE•Published 2024-04-10•Modified 2026-05-15•1 article on news•6 live references•NVD data
CVE-2024-3566Haskell · Process_library
Vulnerability data via NVD (ingested)
CVSS v3.1
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS percentile
92
Exploit Prediction Scoring System · top 8% of all CVEs
Weaknesses (CWE)
Description
A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied.
Timeline
Published 2024-04-10
Modified 2026-05-15
External references
Search for exposed instances
Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).
Shodan · vuln tag1,376,567 hosts
vuln:CVE-2024-3566Hosts Shodan has explicitly fingerprinted as vulnerable.
Shodan · product
product:"Haskell Process Library"All exposed Haskell Process Library instances — cross-reference with the CVE's affected-version range.
Shodan · banner/body mention
http.html:"Process Library"HTTP body or banner mentions "Process Library" — catches deploys Shodan didn't identify as a product.
More intel sources (5)
Shodan report
vuln:CVE-2024-3566Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2024-3566Censys host search filtered to this CVE id.
grep.app
CVE-2024-3566Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2024-3566GitHub code search for direct mentions.
Google dork
"CVE-2024-3566" exploit -site:nvd.nist.govWrite-ups and news, NVD excluded.
Known PoCs on GitHub (8)
CVE-2024-35668 repos
Ostorlab/KEVunknown
Ostorlab KEV: One-command to detect most remotely known exploitable vulnerabilities. Sourced from CISA KEV, Google's Tsunami, Ostorlab's Asteroid and Bug Bounty programs.
Nsbx/awesome-starsunknown
My Awesome List generated by : https://github.com/abhijithvijayan/stargazed
CVEDB/awesome-cve-repoShell
chnzzh/OpenSSL-CVE-libunknown
badigervijay/AI-Based-Threat-Intelligence-Platformunknown
In network security AI Using machine learning and data analytics, AI systems can recognize signs of hacking, data breaches, and malware infections and provide real-time alerts
maheshndev/awesome-reposHTML
Awesome Repositories - Explore top-rated GitHub repositories curated for developers—tools, libraries, and projects to boost productivity and learning in one place. Discover the bes…
awiseguy88/openclaw-advanced-skills-libraryunknown
OpenClaw Skills Library 2,510 Production-Ready Skills for AI Agent Automation Give your OpenClaw agent the complete puzzle. Modular, observable, and safe automation workflows for…
safebyte-sbc/tls-inspectorKotlin
Modern TLS security scanner for Burp Suite — 28 probes, 4 compliance baselines, Montoya API