PT-2026-22626 · Textream · Textream
Iamcanturk
·
Published
2026-03-02
·
Updated
2026-03-04
·
CVE-2026-28412
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Textream versions prior to 1.5.1
Description
Textream, a macOS teleprompter application, is susceptible to a denial-of-service condition. The
DirectorServer WebSocket server does not limit concurrent connections. This, combined with a broadcast timer sending state updates to all connected clients every 100 milliseconds, allows an attacker to deplete CPU and memory resources by establishing numerous connections. This can lead to the Textream application freezing and crashing, particularly during live sessions. The vulnerable component is the DirectorServer WebSocket server.Recommendations
Update to version 1.5.1 or later.
Exploit
Fix
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Textream