CVE-2026-2229 | undici up to 6.24.0 isValidClientWindowBits uncaught exception

Inserito da Angelo Barbosa | Mar 12, 2026 | CVE

A vulnerability labeled as problematic has been found in undici. Affected by this issue is the function isValidClientWindowBits. Such manipulation leads to uncaught exception.

This vulnerability is referenced as CVE-2026-2229. It is possible to launch the attack remotely. No exploit is available.

The affected component should be upgraded.

CVE-2026-2229 | undici up to 6.24.0 isValidClientWindowBits uncaught exception

Post correlati

CVE-2024-31450 | Owncast up to 0.1.2 Administrator API /api/admin path traversal (GHSL-2023-277)

CVE-2025-40838 | Ericsson Indoor Connect 8855 up to 2025.Q1 insufficiently protected credentials

CVE-2023-49287 | cxong TinyDir up to 1.2.5 tinydir_file_open buffer overflow (GHSA-jf5r-wgf4-qhxf)

CVE-2023-48909 | Jave2 3.3.1 FFmpeg Privilege Escalation