CVE-2026-12151 | undici up to 6.25.x/7.27.x/8.4.x WebSocketStream API resource consumption

A vulnerability classified as problematic has been found in undici up to 6.25.x/7.27.x/8.4.x. Affected is an unknown function of the component WebSocketStream API. Performing a manipulation results in resource consumption.

This vulnerability was named CVE-2026-12151. The attack may be initiated remotely. There is no available exploit.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More