PT-2026-34840 · Unknown · Ossn Open Source Social Network

Published 2026-04-24 · Updated 2026-04-25 · CVE-2026-41309

CVSS v3.1: 8.2 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Open Source Social Network versions prior to 9.0

Description

Resource exhaustion occurs when an attacker uploads a specially crafted image with extreme pixel dimensions. Although the compressed file size may be small, the server allocates excessive memory and CPU cycles during decompression and resizing. The result is a Denial of Service (DoS) condition, a state where a system becomes unavailable to its intended users.

Recommendations

Update to version 9.0. Adjust php.ini settings to strictly limit memory_limit and max_execution_time. Implement client-side and server-side checks on image headers to reject files exceeding reasonable pixel dimensions before processing.
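
One way to implement the server-side header check recommended above, as an added example that is not OSSN's code or its 9.0 fix. The limits, the function names and the constructed PNG header are assumptions chosen for illustration.

```php
<?php
// Added example, not OSSN code. All limits below are assumed values.
const MAX_SIDE   = 8000;       // assumed per-side limit in pixels
const MAX_PIXELS = 25000000;   // assumed budget: about 100 MB at 4 bytes per pixel
const ALLOWED_TYPES = [IMAGETYPE_JPEG, IMAGETYPE_PNG, IMAGETYPE_GIF];

/**
 * Return null when the image may be handed to the decoder, or the reason
 * it is rejected. Only the header is parsed, so no pixel data is
 * decompressed while deciding.
 */
function image_rejection_reason(string $bytes): ?string
{
    $info = @getimagesizefromstring($bytes);
    if ($info === false) {
        return 'not a recognised image';
    }
    [$width, $height, $type] = $info;
    if (!in_array($type, ALLOWED_TYPES, true)) {
        return 'image type not allowed';
    }
    if ($width < 1 || $height < 1) {
        return 'missing or invalid dimensions';
    }
    if ($width > MAX_SIDE || $height > MAX_SIDE) {
        return "{$width}x{$height} exceeds the per-side limit";
    }
    if ($width * $height > MAX_PIXELS) {
        return "{$width}x{$height} exceeds the pixel budget";
    }
    return null;
}

// Constructed sample input: a 33-byte PNG signature plus IHDR chunk that
// declares the given dimensions and carries no image data at all.
function constructed_png_header(int $w, int $h): string
{
    $ihdr = 'IHDR' . pack('NNC5', $w, $h, 8, 6, 0, 0, 0);
    return "\x89PNG\r\n\x1a\n" . pack('N', 13) . $ihdr . pack('N', crc32($ihdr));
}

foreach ([[640, 480], [6000, 6000], [50000, 50000]] as [$w, $h]) {
    $reason = image_rejection_reason(constructed_png_header($w, $h));
    echo "{$w}x{$h}: ", $reason ?? 'accepted for decoding', PHP_EOL;
}
```

In an upload handler the same check would run on the temporary upload file with getimagesize() before any image library decodes or resizes it.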

Fix

Resource Exhaustion

Allocation of Resources Without Limits


Weakness Enumeration

Related Identifiers

CVE-2026-41309

Affected Products

Ossn Open Source Social Network