Tag

Connection-Exhaustion

1 brief RSS

Next.js Cache Components Vulnerable to Denial-of-Service via Connection Exhaustion (CVE-2026-44579)

Next.js applications using Partial Prerendering through Cache Components are vulnerable to connection exhaustion (CVE-2026-44579), where crafted POST requests to a server action trigger a request-body handling deadlock, consuming server capacity and leading to denial of service.

next +1 denial-of-service connection-exhaustion next.js cve-2026-44579

2r 1t 2h ago