CVE-2026-12590
The Red Hat and CVE records confirm a vulnerability in body-parser: when the parser is configured with an invalid limit option (e.g., unparseable string or NaN), the request body size check is silently bypassed, enabling potential DoS through unbounded payloads. Affected versions are body-parser ...