Product
A vulnerability, CVE-2026-50274, in Datadog's `dd-trace-go` library (versions <= 1.24.1 and v2 < 2.8.1) allows a remote, unauthenticated attacker to cause a Denial of Service (DoS) by sending HTTP requests with oversized W3C baggage headers, leading to unbounded CPU and memory consumption in instrumented services.