Memory-Exhaustion

Prosody versions before 0.12.6, versions 1.0.0 through 13.0.0, and before version 13.0.5 are vulnerable to a denial of service due to memory leaks from unauthenticated connections, leading to memory exhaustion.

A memory exhaustion vulnerability (CVE-2026-33155) exists in a widely used Python library, affecting services like SageMaker, DataHub, and acryl-datahub due to an incomplete patch for CVE-2025-58367, requiring pinning to version 8.6.2.