CVE-2026-54490 | faye websocket-driver up to 0.7.4 Permessage-Deflate Extension hybi.js accept out-of-bounds write
A vulnerability described as problematic has been identified in faye websocket-driver up to 0.7.4. This affects the function Accept of the file lib/websocket/driver/hybi.js of the component Permessage-Deflate Extension. The manipulation results in out-of-bounds write.
This vulnerability is identified as CVE-2026-54490. The attack can be executed remotely. There is not any exploit available.VulDB Recent EntriesRead More