Yudelevi

**Name of the Vulnerable Software and Affected Versions** NiceGUI versions 2.10.0 through 3.4.1 **Description** NiceGUI is a Python-based UI framework. An unauthenticated attacker can exhaust Redis connections by repeatedly opening and closing browser tabs on any NiceGUI application using Redis-backed storage. Connections are not released, leading to service degradation when Redis reaches its connection limit. NiceGUI continues accepting new connections, but errors are logged and storage functionality is broken. **Recommendations** Upgrade to version 3.5.0 or later.