Summary
Langflow: Unauthenticated DoS through multipart form boundary file upload
References
Related vulnerabilities
All Supply chain →- MEDIUMGHSA-4XGF-CPJX-PC3J
pydantic-settings: NestedSecretsSettingsSource follows symlinks outside secrets_dir, enabling local file read and bypassing secrets_dir_max_size
- HIGHGHSA-XCQX-9JF5-W339
SearXNG MCP Server: Unbounded Response Body Read Bypasses URL Size Limit in `web_url_read`
- HIGHGHSA-8823-QG2X-PV9F
Ultimate Sitemap Parser (USP): Gzip Decompression Bomb Bypasses Sitemap Size Limit
- HIGHGHSA-P86G-XRR2-PF7C
CoreWCF: Pre-authentication infinite-loop CPU exhaustion in CoreWCF net.tcp / net.pipe / net.uds framing handshake
- HIGHGHSA-3PRJ-6HQW-CM82
PHP JWT Library: PBES2-HS*+A*KW unwrap accepts an unbounded p2c iteration count, enabling CPU-amplification denial of service
- MEDIUMGHSA-JM82-FX9C-MX94
pypdf: Missing stream length values ignore defined limits