CVE-2026-28412 Textream Vulnerable to Uncontrolled Resource Consumption (Denial of Service)

Textream is a free macOS teleprompter app. Prior to version 1.5.1, the DirectorServer WebSocket server imposes no limit on concurrent connections. Combined with a broadcast timer that sends state to all connected clients every 100 ms, an attacker can exhaust CPU and memory by flooding the server...

CVE-2026-28412

CVE-2026-28412 affects Textream, a macOS teleprompter app. The DirectorServer WebSocket server allows unlimited concurrent connections, and when combined with a broadcast timer sending state to all clients every 100 ms, it can exhaust CPU and memory, freezing/crashing the application during live ...

EUVD-2026-9201

Textream is a free macOS teleprompter app. Prior to version 1.5.1, the DirectorServer WebSocket server imposes no limit on concurrent connections. Combined with a broadcast timer that sends state to all connected clients every 100 ms, an attacker can exhaust CPU and memory by flooding the server...

PT-2026-22626

Textream is a free macOS teleprompter app. Prior to version 1.5.1, the DirectorServer WebSocket server imposes no limit on concurrent connections. Combined with a broadcast timer that sends state to all connected clients every 100 ms, an attacker can exhaust CPU and memory by flooding the server...