GHSA-V4W8-49PV-MF72 ChatterBot Vulnerable to Denial of Service via Database Connection Pool Exhaustion

Summary ChatterBot versions up to 1.2.10 are vulnerable to a denial-of-service condition caused by improper database session and connection pool management. Concurrent invocations of the getresponse method can exhaust the underlying SQLAlchemy connection pool, resulting in persistent service...

ChatterBot Vulnerable to Denial of Service via Database Connection Pool Exhaustion

Summary ChatterBot versions up to 1.2.10 are vulnerable to a denial-of-service condition caused by improper database session and connection pool management. Concurrent invocations of the getresponse method can exhaust the underlying SQLAlchemy connection pool, resulting in persistent service...

shynabot (=0.0.1), shynataskmanager (=0.0.1) potentially affected by CVE-2026-23842 via chatterbot (=1.0.4)

chatterbot PYPI version =1.0.4 is affected by a known vulnerability. The following packages have a transitive dependency on chatterbot and may be impacted: - shynabot =0.0.1 - shynataskmanager =0.0.1 Source cves: CVE-2026-23842 Source advisory: SNYK:PYTHON-CHATTERBOT-15038747...

CVE-2026-23842

Summary of CVE-2026-23842 (ChatterBot): Up to version 1.2.10, ChatterBot is vulnerable to denial-of-service caused by improper database session and SQLAlchemy connection pool management. Concurrent calls to get_response() can exhaust the SQLAlchemy QueuePool, leaving the service unresponsive and ...