CVE-2026-40036

Unfurl before 2026.04 contains an unbounded zlib decompression vulnerability in parse_compressed.py that lets remote attackers trigger denial of service by submitting highly compressed payloads via URL parameters to the /json/visjs endpoint, expanding to gigabytes and exhausting server memory. CV...

Unfurl 安全漏洞

Unfurl is a URL data extraction and visualization analysis tool developed by Ryan Benson. Versions of Unfurl prior to version 2026.04 contained security vulnerabilities. These vulnerabilities stemmed from an unlimited zlib decompression issue in the parsecompressed.py script. This could allow...