CVE-2026-42788 | mtrudel bandit up to 1.10.x frame.ex Elixir.bandit.HTTP/2.Frame:deserialize allocation of resources (GHSA-q6v9-r226-v65f / EUVD-2026-26716)

A vulnerability identified as problematic has been detected in mtrudel bandit up to 1.10.x. Affected by this vulnerability is the function Elixir.bandit.HTTP2.Frame:deserialize in the library lib/bandit/http2/frame.ex. Performing a manipulation results in allocation of resources.

This vulnerability is cataloged as CVE-2026-42788. It is possible to initiate the attack remotely. There is no exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More