| CVE-2026-47073 |
high |
7.5 |
7.5 |
3d ago |
Unbounded memory consumption in WebSocket client in hackney |
|
| CVE-2026-47067 |
high |
7.5 |
7.5 |
3d ago |
Atom table exhaustion via unrecognized URL schemes in hackney |
|
| CVE-2026-47072 |
high |
7.5 |
7.5 |
3d ago |
Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in benoitc hackney allows HTTP Request/Response Splitting. The WebSocket upgrade code in src/hackney_ws.erl copies the host,… |
|
| CVE-2026-47075 |
high |
7.5 |
7.5 |
3d ago |
Improper Neutralization of CRLF Sequences vulnerability in benoitc hackney allows HTTP Request Splitting. hackney does not percent-encode carriage return (\r) or line feed (\n) characters in the URL … |
|
| CVE-2026-47077 |
high |
7.5 |
7.5 |
3d ago |
Unbounded body accumulation in HTTP/3 response loop in hackney |
|
| CVE-2026-47071 |
high |
7.5 |
7.5 |
3d ago |
SOCKS5 TLS upgrade ignores caller timeout in hackney |
|
| CVE-2026-47066 |
high |
7.5 |
7.5 |
3d ago |
Infinite loop in Alt-Svc header parser in hackney |
|