CVE Catalog

CVE-2026-42005

MediumCVSS 4.3
Published: Updated: Translated: NVD NIST

Summary

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.

Risk Assessment

The risk for the organization is the possibility of causing a service outage through memory exhaustion, which may disrupt system operations if the internal web server is enabled.

Recommendation

It is recommended to keep the internal web server disabled if not required, and apply security updates from the vendor when available.

Original NVD description (English source)

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS