CVE-2026-28356 | defnull multipart up to 1.2.1/1.3.0 multipart.py parse_options_header redos (GHSA-p2m9-wcp5-6qw3)

A vulnerability was found in defnull multipart up to 1.2.1/1.3.0. It has been classified as problematic. The affected element is the function parse_options_header of the file multipart.py. This manipulation causes inefficient regular expression complexity.

The identification of this vulnerability is CVE-2026-28356. It is possible to initiate the attack remotely. There is no exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More