Skip to main content

Opensource Socialnetwork

1 CVEs product

Monthly

CVE-2026-41309 HIGH PATCH This Week

Resource exhaustion in Open Source Social Network (OSSN) versions prior to 9.0 allows remote unauthenticated attackers to trigger Denial of Service by uploading specially crafted images with extreme pixel dimensions (e.g., 10000×10000). While the compressed file size appears small, server-side decompression and resizing allocates excessive memory and CPU, crashing or degrading service. EPSS exploitation probability data not available, but the attack vector is straightforward (AV:N/AC:L/PR:N) with publicly documented technical details and fix commit available on GitHub. CVSS 8.2 reflects the easy remote exploitation path despite limited confidentiality impact.

Denial Of Service Opensource Socialnetwork
NVD GitHub
CVSS 3.1
8.2
EPSS
0.1%
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Resource exhaustion in Open Source Social Network (OSSN) versions prior to 9.0 allows remote unauthenticated attackers to trigger Denial of Service by uploading specially crafted images with extreme pixel dimensions (e.g., 10000×10000). While the compressed file size appears small, server-side decompression and resizing allocates excessive memory and CPU, crashing or degrading service. EPSS exploitation probability data not available, but the attack vector is straightforward (AV:N/AC:L/PR:N) with publicly documented technical details and fix commit available on GitHub. CVSS 8.2 reflects the easy remote exploitation path despite limited confidentiality impact.

Denial Of Service Opensource Socialnetwork
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy