Vendor
medium
advisory
Mint HTTP/2 Client Vulnerable to Unbounded CONTINUATION Frame Accumulation (CVE-2026-49754)
1 TTP 1 CVEA malicious or compromised HTTP/2 server can exploit CVE-2026-49754 in the Elixir Mint HTTP/2 client by sending an endless chain of CONTINUATION frames without an END_HEADERS flag, leading to unbounded memory accumulation, process exhaustion, and remote unauthenticated denial-of-service.
Mint
http/2
denial-of-service
vulnerability
elixir
1t
1c
medium
advisory
Mint HTTP/2 Client Unbounded Stream Map Growth Denial-of-Service (CVE-2026-48862)
1 TTP 1 CVEA malicious or compromised HTTP/2 server can exploit CVE-2026-48862 in Mint HTTP/2 clients by flooding them with PUSH_PROMISE frames and withholding corresponding HEADERS, leading to unbounded memory consumption and denial-of-service.
Mint
denial-of-service
http/2
elixir
client-side
vulnerability
1t
1c