CVE-2026-27695

zae-limiter is a rate limiting library using the token bucket algorithm. Prior to version 0.10.1, all rate limit buckets for a single entity share the same DynamoDB partition key namespace/ENTITYid. A high-traffic entity can exceed DynamoDB's per-partition throughput limits 1,000 WCU/sec, causing...

EUVD-2026-8642

zae-limiter: DynamoDB hot partition throttling enables per-entity Denial of Service...

CVE-2026-27695

zae-limiter is a rate limiting library using the token bucket algorithm. Prior to version 0.10.1, all rate limit buckets for a single entity share the same DynamoDB partition key namespace/ENTITYid. A high-traffic entity can exceed DynamoDB's per-partition throughput limits 1,000 WCU/sec, causing...

CVE-2026-27695

The CVE concerns the zae-limiter rate limiter library. Prior to version 0.10.1 , all rate limit buckets for a single entity shared the DynamoDB partition key (namespace/ENTITY#{id}), which can cause throttling under high throughput and potentially affect co-located entities. The issue is fixed in...

zae-limiter 安全漏洞

Zae-limiter is a rate-limiting library open source by ZeroAE. Versions of Zae-limiter prior to 0.10.1 contained security vulnerabilities. These vulnerabilities stemmed from the fact that all rate-limiting buckets for a single entity shared the same DynamoDB partition key. This could lead to...