CVE-2026-46385
A flaw was found in the Avro array and map decoding logic in Go Avro. The decoder failed to properly stop processing after encountering read errors while iterating over attacker-controlled block-count values, leading to excessive resource consumption. A remote unauthenticated attacker could explo...