{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/memory-exhaustion/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":5.3,"id":"CVE-2026-43506"}],"_cs_exploited":false,"_cs_products":["Prosody"],"_cs_severities":["medium"],"_cs_tags":["denial-of-service","memory exhaustion","prosody"],"_cs_type":"advisory","_cs_vendors":["Prosody"],"content_html":"\u003cp\u003eA denial of service vulnerability, identified as CVE-2026-43506, affects Prosody, a popular XMPP server. The vulnerability exists in versions prior to 0.12.6, versions 1.0.0 through 13.0.0, and before version 13.0.5. Successful exploitation of this vulnerability results in a denial-of-service condition due to memory exhaustion. The root cause is memory leaks triggered by unauthenticated connections, which gradually consume server resources until the system becomes unresponsive.\nThis vulnerability was publicly disclosed on May 1, 2026, and poses a risk to organizations using affected versions of Prosody, as it can disrupt communication services and impact overall system availability.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker establishes an unauthenticated connection to the Prosody server.\u003c/li\u003e\n\u003cli\u003eThe connection triggers a memory leak within the Prosody server software.\u003c/li\u003e\n\u003cli\u003eThe memory leak consumes a small amount of system memory.\u003c/li\u003e\n\u003cli\u003eThe attacker repeatedly establishes new unauthenticated connections.\u003c/li\u003e\n\u003cli\u003eEach connection triggers further memory leaks, compounding the memory consumption.\u003c/li\u003e\n\u003cli\u003eThe server\u0026rsquo;s available memory is gradually exhausted due to the accumulated leaks.\u003c/li\u003e\n\u003cli\u003eAs memory resources diminish, the Prosody server\u0026rsquo;s performance degrades.\u003c/li\u003e\n\u003cli\u003eEventually, the Prosody server becomes unresponsive, resulting in a denial-of-service condition.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe successful exploitation of CVE-2026-43506 can lead to a denial-of-service condition, rendering the Prosody XMPP server unavailable. This can disrupt communication services for organizations relying on the affected Prosody versions. The impact can range from temporary service interruptions to prolonged outages, depending on the severity of the memory exhaustion and the organization\u0026rsquo;s recovery capabilities.\nThere is no specific information available on the number of victims or specific sectors targeted.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade Prosody servers to version 0.12.6 or 13.0.5 or later to remediate CVE-2026-43506.\u003c/li\u003e\n\u003cli\u003eMonitor Prosody server resource utilization, specifically memory consumption, for unusual increases that could indicate exploitation attempts.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rules provided in this brief to detect potential denial-of-service attacks exploiting CVE-2026-43506 by monitoring connection patterns.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-01T15:16:52Z","date_published":"2026-05-01T15:16:52Z","id":"/briefs/2026-05-prosody-dos/","summary":"Prosody versions before 0.12.6, versions 1.0.0 through 13.0.0, and before version 13.0.5 are vulnerable to a denial of service due to memory leaks from unauthenticated connections, leading to memory exhaustion.","title":"Prosody Memory Exhaustion Vulnerability (CVE-2026-43506)","url":"https://feed.craftedsignal.io/briefs/2026-05-prosody-dos/"},{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["memory-exhaustion","vulnerability","denial-of-service","python","supply-chain"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eA critical memory exhaustion vulnerability, identified as CVE-2026-33155, has been discovered in a widely used Python library downloaded approximately 29 million times per month. This vulnerability poses a significant threat to services that rely on the affected library, including Amazon SageMaker, DataHub, and acryl-datahub. The issue stems from an incomplete patch for a previous vulnerability, CVE-2025-58367, related to restricted unpickling.\nOrganizations that applied the initial patch may…\u003c/p\u003e\n","date_modified":"2026-03-19T17:46:05Z","date_published":"2026-03-19T17:46:05Z","id":"/briefs/2026-03-memory-exhaustion-flaw/","summary":"A memory exhaustion vulnerability (CVE-2026-33155) exists in a widely used Python library, affecting services like SageMaker, DataHub, and acryl-datahub due to an incomplete patch for CVE-2025-58367, requiring pinning to version 8.6.2.","title":"Memory Exhaustion Vulnerability in Widely Used Python Library","url":"https://feed.craftedsignal.io/briefs/2026-03-memory-exhaustion-flaw/"}],"language":"en","title":"CraftedSignal Threat Feed — Memory-Exhaustion","version":"https://jsonfeed.org/version/1.1"}