CVE-2026-39804 - WebSocket permessage-deflate inflate has no output-size cap in bandit
CVE ID :CVE-2026-39804 Published : May 1, 2026, 9:16 p.m. | 50 minutes ago Description :Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated remote denial of service via memory exhaustion when WebSocket permessage-deflate compression is en
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Edu tech firm Instructure discloses cyber incident, probes impact
- [CYBER] Financial authorities to suspend Lotte Card’s operations for 4.5 months
- [CYBER] For vulnerability research, smaller models run repeatedly can outperform larger frontier models on cost-to-recall.
- [CYBER] Every cyber incident that public companies have disclosed to the SEC, in one searchable database
- [CYBER] Hidden iOS Malware
- [CYBER] CVE-2026-7599 - Dayoooun hwpx-mcp MCP index.ts export_to_html path traversal