CVE-2026-5766 - Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass
CVE ID :CVE-2026-5766 Published : May 5, 2026, 4:16 p.m. | 38 minutes ago Description :An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. ASGI requests with a missing or understated `Content-Length` header can bypass the `FILE_UPLOAD_MAX_MEMORY_SIZE` limit, potentially loading
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Drift outlines a recovery plan for users after $295 million DPRK-linked exploit
- [CYBER] Google Will Pay $1.5 Million For Pixel Phone Security Exploit
- [CYBER] CVE-2026-7853 - D-Link DI-8100 HTTP auto_reboot.asp sprintf buffer overflow
- [CYBER] CVE-2026-7851 - D-Link DI-8100 yyxz.asp sprintf stack-based overflow
- [CYBER] CVE-2026-7854 - D-Link DI-8100 POST Parameter url_rule.asp url_rule_asp buffer overflow
- [CYBER] Vimeo confirms breach via third-party vendor impacts 119K users