CVE-2026-56814 | elixir-plug up to 1.20.2 Multipart Request-Body Parser multipart.ex parse_multipart/2 filename denial of service

SecurityVulns

A vulnerability was found in elixir-plug plug up to 1.16.5/1.17.3/1.18.4/1.19.4/1.20.2. It has been classified as problematic. This affects the function parse_multipart/2 of the file lib/plug/parsers/multipart.ex of the component Multipart Request-Body Parser. This manipulation of the argument filename causes denial of service.

This vulnerability appears as CVE-2026-56814. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More