PT-2026-35899 · Webflux · Webflux

Xint Code

Published

2026-04-29

Updated

2026-05-15

CVE-2026-22740

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions WebFlux server application (affected versions not specified)

Description A WebFlux server application that processes multipart requests creates temporary files for parts larger than 10 K. Under certain conditions, these temporary files may not be deleted after the request is fully processed, which allows an attacker to consume available disk space.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

CVE-2026-22740

GHSA-5843-P793-GHMM

Affected Products

Webflux

PT-2026-35899 · Webflux · Webflux

CVE-2026-22740

Weakness Enumeration

Related Identifiers

Affected Products

References · 13