CVE-2026-40608 | DayuanJiang next-ai-draw-io up to 0.4.14 POST allocation of resources (GHSA-9q7h-wgfw-p378 / EUVD-2026-24217)

A vulnerability marked as problematic has been reported in DayuanJiang next-ai-draw-io up to 0.4.14. The affected element is an unknown function of the component POST Handler. Performing a manipulation results in allocation of resources.

This vulnerability is identified as CVE-2026-40608. The attack is only possible with local access. There is not any exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More