CVE-2026-53433 Denial of Service in fzf

fzf is vulnerable to a Denial of Service DoS due to inefficient HTTP body processing in the --listen mode due to inefficient HTTP body processing using repeated string concatenation, resulting in quadratic time complexity On². A crafted POST request with many small segments can trigger excessive...

CVE-2025-69227

CVE-2025-69227 affects AIOHTTP (async HTTP client/server for asyncio) with vulnerable versions 3.13.2 and earlier. The issue is an infinite loop that can trigger a DoS when assert statements are bypassed during POST body processing; if optimizations are enabled (-O or PYTHONOPTIMIZE=1) and a hand...

AIOHTTP vulnerable to DoS when bypassing asserts

Summary When assert statements are bypassed, an infinite loop can occur, resulting in a DoS attack when processing a POST body. Impact If optimisations are enabled -O or PYTHONOPTIMIZE=1, and the application includes a handler that uses the Request.post method, then an attacker may be able to...

CVE-2025-32997

In http-proxy-middleware before 2.0.9 and 3.x before 3.0.5, fixRequestBody proceeds even if bodyParser has failed...