A vulnerability, which was classified as problematic, was found in socketio Socket.IO up to 6.6.6. The affected element is an unknown function of the component Polling Transport. Such manipulation leads to resource consumption.
This vulnerability is referenced as CVE-2026-59725. It is possible to launch the attack remotely. No exploit is available.