9 matches found
CVE-2026-57212
RabbitMQ is a messaging and streaming broker. Prior to 3.13.14, 4.0.19, 4.1.10, and 4.2.5, the rabbitmqmanagement HTTP API accepts oversized valid JSON bodies on withdecode and directrequest paths because readcompletebody checks the accumulated size before the final chunk but not the final combin...
CVE-2026-57212
CVE-2026-57212 – RabbitMQ management HTTP API oversized request bodies . The issue affects RabbitMQ’s management HTTP API, where oversized valid JSON bodies can be accepted on the with_decode and direct_request paths because read_complete_body checks the accumulated size before the final chunk bu...
CVE-2026-57212 RabbitMQ management HTTP API accepts request bodies larger than configured max_http_body_size
RabbitMQ is a messaging and streaming broker. Prior to 3.13.14, 4.0.19, 4.1.10, and 4.2.5, the rabbitmqmanagement HTTP API accepts oversized valid JSON bodies on withdecode and directrequest paths because readcompletebody checks the accumulated size before the final chunk but not the final combin...
CVE-2026-45047
bird-lg-go is a BIRD looking glass in Go. Prior to 1.4.5, the apiHandler and similarly webHandlerTelegramBot processes user-provided JSON payloads by directly using json.NewDecoderr.Body.Decode without restricting the maximum read size. An unauthenticated remote attacker can stream an extremely...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS via the apiHandler and webHandlerTelegramBot processes. An attacker can cause the application to exhaust system memory and crash by sending an extremely large or endless JSON payload over a single TCP connection...
CVE-2026-45047
bird-lg-go is a BIRD looking glass in Go. Prior to 1.4.5, the apiHandler and similarly webHandlerTelegramBot processes user-provided JSON payloads by directly using json.NewDecoderr.Body.Decode&request without restricting the maximum read size. An unauthenticated remote attacker can stream an...
CVE-2026-24661
Mattermost Plugins
EUVD-2026-9924
OpenClaw versions prior to 2026.2.13 contain a denial of service vulnerability in webhook handlers that buffer request bodies without strict byte or time limits. Remote unauthenticated attackers can send oversized JSON payloads or slow uploads to webhook endpoints causing memory pressure and...
Improper Validation of Specified Quantity in Input
Overview nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments. Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input n the EVBufferToJson function in the HTTP server component. An...