Product
A vulnerability (CVE-2026-23538) exists in the Feast Feature Server's /ws/chat endpoint, allowing remote attackers to establish numerous unauthenticated, persistent WebSocket connections. This exploit, a form of resource exhaustion (CWE-770), consumes server resources like memory, CPU, and file descriptors, leading to a complete denial of service for legitimate users. Affected versions are those prior to 0.59.0.