CVE-2026-54466
The CVE-2026-54466 entry concerns websocket-driver (WebSocket protocol handler). Prior to version 0.7.5, draft75.js parses a length header that can be abused by sending a sequence of bytes (0x80 or higher), causing an ever-growing integer to be produced. Because JavaScript numbers are 64‑bit floa...