CVE-2026-12590 | Express.js body-parser up to 1.20.5/2.2.x Limit Validation bytes.parse limit denial of service
A vulnerability was found in Express.js body-parser up to 1.20.5/2.2.x and classified as problematic. Affected is the function bytes.parse of the component Limit Validation. The manipulation of the argument limit results in denial of service.
This vulnerability was named CVE-2026-12590. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More