CVE-2026-27460

Name of the Vulnerable Software and Affected Versions Tandoor Recipes versions prior to 2.6.5

Description Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to version 2.6.5, a Denial of Service (DoS) issue exists in the recipe import functionality. An authenticated user can cause a server crash or significant performance degradation by uploading a large ZIP file (ZIP Bomb).

Recommendations Update to version 2.6.5 or later.