Lucene search
K

8 matches found

NVD
NVD
added 2026/06/17 1:20 p.m.20 views

CVE-2026-48779

ws is an open source WebSocket client and server for Node.js. All versions from 1.1.0 up to but not including 5.2.5, from 6.0.0 up to 6.2.4, from 7.0.0 up to 7.5.11, and from 8.0.0 up to 8.21.0 are affected by a memory exhaustion DoS vulnerability. A peer can send a high volume of exceptionally...

7.5CVSS0.00782EPSS
Exploits1References16
Vulnrichment
Vulnrichment
added 2026/06/16 9:26 p.m.7 views

CVE-2026-48779 ws: Memory exhaustion DoS from tiny fragments and data chunks

ws is an open source WebSocket client and server for Node.js. All versions from 1.1.0 up to but not including 5.2.5, from 6.0.0 up to 6.2.4, from 7.0.0 up to 7.5.11, and from 8.0.0 up to 8.21.0 are affected by a memory exhaustion DoS vulnerability. A peer can send a high volume of exceptionally...

7.5CVSS5.1AI score0.00782EPSS
Exploits1References5
CVE
CVE
added 2026/06/16 9:26 p.m.164 views

CVE-2026-48779

Technical details for CVE-2026-48779 are not publicly available in the provided documents. Monitor for updates from the listed sources; the initial description includes affected versions and fixes, but no further technical specifics are provided here.

7.5CVSS5.1AI score0.00782EPSS
Exploits1References16Affected Software1
Cvelist
Cvelist
added 2026/06/16 9:26 p.m.27 views

CVE-2026-48779 ws: Memory exhaustion DoS from tiny fragments and data chunks

ws is an open source WebSocket client and server for Node.js. All versions from 1.1.0 up to but not including 5.2.5, from 6.0.0 up to 6.2.4, from 7.0.0 up to 7.5.11, and from 8.0.0 up to 8.21.0 are affected by a memory exhaustion DoS vulnerability. A peer can send a high volume of exceptionally...

7.5CVSS0.00782EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2026/06/16 9:26 p.m.7 views

CVE-2026-48779

ws is an open source WebSocket client and server for Node.js. All versions from 1.1.0 up to but not including 5.2.5, from 6.0.0 up to 6.2.4, from 7.0.0 up to 7.5.11, and from 8.0.0 up to 8.21.0 are affected by a memory exhaustion DoS vulnerability. A peer can send a high volume of exceptionally...

7.5CVSS5.2AI score0.00782EPSS
Exploits1
OSV
OSV
added 2026/06/15 4:34 p.m.25 views

GHSA-96HV-2XVQ-FX4P ws: Memory exhaustion DoS from tiny fragments and data chunks

Impact A high volume of exceptionally small fragments and data chunks can be sent by a peer, with modest network traffic, to force the remote peer into allocating and holding structural wrappers that consume far more memory than the default documented message-size limit, leading to process...

7.5CVSS5.3AI score0.00782EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2026/06/15 4:34 p.m.67 views

ws: Memory exhaustion DoS from tiny fragments and data chunks

Impact A high volume of exceptionally small fragments and data chunks can be sent by a peer, with modest network traffic, to force the remote peer into allocating and holding structural wrappers that consume far more memory than the default documented message-size limit, leading to process...

7.5CVSS5.3AI score0.00782EPSS
Exploits1References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.19 views

PT-2026-49552

Name of the Vulnerable Software and Affected Versions ws versions 1.1.0 through 5.2.4 ws versions 6.0.0 through 6.2.3 ws versions 7.0.0 through 7.5.10 ws versions 8.0.0 through 8.20.9 Description ws is an open source WebSocket client and server for Node.js. A peer can send a high volume of...

7.5CVSS5.3AI score0.00782EPSS
Exploits1References33
Rows per page
Query Builder