EUVD-2026-35549

Microsoft Security Advisory CVE-2026-45591 – ASP.NET Core Denial of Service Vulnerability...

Microsoft Security Advisory CVE-2026-45591 – ASP.NET Core Denial of Service Vulnerability

Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core SignalR and Blazor Server. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A denial of service...

GHSA-XCGM-R5H9-7989 aiohttp: Incomplete websocket frame payloads bypass memory limits

Summary If an attacker sends large incomplete websocket frame payloads, it may be possible to bypass the usual size limits on memory use. Impact If a web application has WebSocket endpoints, it may be possible for an attacker to execute a DoS attack through excessive memory use. ----- Patch:...

aiohttp: Incomplete websocket frame payloads bypass memory limits

Summary If an attacker sends large incomplete websocket frame payloads, it may be possible to bypass the usual size limits on memory use. Impact If a web application has WebSocket endpoints, it may be possible for an attacker to execute a DoS attack through excessive memory use. ----- Patch:...

GHSA-4FVR-RGM6-GQMC aiohttp: HTTP/1 Pipelined Requests Queue Without Limit

Summary No limit was present on the number of pipelined requests that could be queued. Impact An attacker may be able to use pipelined requests to use excessive amounts of memory, potentially leading to DoS. ----- Patch:...

aiohttp: HTTP/1 Pipelined Requests Queue Without Limit

Summary No limit was present on the number of pipelined requests that could be queued. Impact An attacker may be able to use pipelined requests to use excessive amounts of memory, potentially leading to DoS. ----- Patch:...

GHSA-G3CQ-J2XW-WF74 aiohttp: Unread Compressed Request Bodies Bypass client_max_size During Cleanup

Summary During cleanup it is possible for a compressed request body to be decompressed into memory in one chunk. Impact An attacker may be able to send a compressed payload in specific situations that could be decompressed into memory, potentially leading to DoS a zip bomb edge case. Workaround...

aiohttp: Unread Compressed Request Bodies Bypass client_max_size During Cleanup

Summary During cleanup it is possible for a compressed request body to be decompressed into memory in one chunk. Impact An attacker may be able to send a compressed payload in specific situations that could be decompressed into memory, potentially leading to DoS a zip bomb edge case. Workaround...

GHSA-63HW-FMQ6-XXG2 aiohttp: C HTTP Parser Bypasses max_line_size for Fragmented Lines

Summary It is possible to bypass the maxlinesize check in parts of an HTTP request in the C parser. Impact If using the optimised C parser the default in pre-built wheels, then an attacker may be able to send oversized lines through the HTTP parser and use an excessive amount of memory, potential...

aiohttp: C HTTP Parser Bypasses max_line_size for Fragmented Lines

Summary It is possible to bypass the maxlinesize check in parts of an HTTP request in the C parser. Impact If using the optimised C parser the default in pre-built wheels, then an attacker may be able to send oversized lines through the HTTP parser and use an excessive amount of memory, potential...

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation

A flaw was found in Go's crypto/x509 package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service DoS for...

Important: Red Hat Security Advisory: osbuild-composer security update

An update for osbuild-composer is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

EUVD-2026-32919

PyJWT: Unauthenticated DoS via unbounded Base64URL decoding of unused payload segment in b64=false detached JWS...

GHSA-W7VC-732C-9M39 PyJWT: Unauthenticated DoS via unbounded Base64URL decoding of unused payload segment in b64=false detached JWS

!NOTE Practical impact depends on whether request body-size limits are enforced upstream proxy/web-server/framework. Deployments with typical body-size caps ≤2 MB bound the amplifier significantly; deployments accepting larger token inputs are more exposed. When verifying detached JWS tokens usin...

PyJWT: Unauthenticated DoS via unbounded Base64URL decoding of unused payload segment in b64=false detached JWS

!NOTE Practical impact depends on whether request body-size limits are enforced upstream proxy/web-server/framework. Deployments with typical body-size caps ≤2 MB bound the amplifier significantly; deployments accepting larger token inputs are more exposed. When verifying detached JWS tokens usin...

Security Bulletin: IBM Sterling Connect:Direct Web Services is Affected by Regular Expression Denial of Service.

Summary picomatch-2.3.1.tgz is used by IBM Sterling Connect:Direct Web Services CVE-2026-33671, CVE-2026-33672. Vulnerability Details CVEID:CVE-2026-33671 DESCRIPTION: Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to Regular Expression...

CVE-2026-52718

GStreamer AV1 parser vulnerability in gst-plugins-bad. The gst_av1_parser_parse_tile_list_obu() function passes a byte count to a bit-reader API that expects a bit count, causing parser desynchronization and potential crash. A remote user could trigger an assertion abort by opening a crafted AV1 ...

CVE-2026-52718 Gstreamer1-plugins-bad-free: gstreamer: denial of service via av1 tile_list_obu parser byte/bit confusion

A denial of service vulnerability was found in GStreamer's AV1 codec parser in gst-plugins-bad. The gstav1parserparsetilelistobu function passes a byte count to a bit-reader API that expects a bit count, causing parser desynchronization. A remote attacker could trick a user into opening a special...

CVE-2026-52718

A denial of service vulnerability was found in GStreamer's AV1 codec parser in gst-plugins-bad. The gstav1parserparsetilelistobu function passes a byte count to a bit-reader API that expects a bit count, causing parser desynchronization. A remote attacker could trick a user into opening a special...