CVE-2026-48069info

Zusammenfassung

von MITRE • 14.07.2026

@grpc/grps-js implements the core functionality of gRPC purely in JavaScript, without a C++ addon. Prior to 1.9.16, 1.10.12, 1.11.4, 1.12.7, 1.13.5, and 1.14.4, an invalid incoming compressed message can cause a client or server process that uses @grpc/grpc-js to crash. This issue is fixed in versions 1.9.16, 1.10.12, 1.11.4, 1.12.7, 1.13.5, and 1.14.4.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Veröffentlichung

14.07.2026

Moderieren

wird geprüft

EPSS

0.00000

KEV

nein

Aktivitäten

very low

Quellen

Do you want to use VulDB in your project?

Use the official API to access entries easily!