CVE-2026-48854

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-48854

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-48854.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2026-48854

Aliases

EEF-CVE-2026-48854
GHSA-q8gf-9rvj-gmgj

Published

2026-06-15T21:55:23.629Z

Modified

2026-06-18T03:56:11.151662947Z

Severity

8.7 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVSS Calculator

Summary

Unbounded request body accumulation causes memory exhaustion in elixir-grpc/grpc

Details

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust the BEAM's memory and crash the server by streaming a large or slow-trickle unary request body.

'Elixir.GRPC.Server.Adapters.Cowboy.Handler':readfullbody/3 (lib/grpc/server/adapters/cowboy/handler.ex) accumulates every received chunk into a single growing binary with no size cap. Additionally, when the client omits the grpc-timeout header, the per-chunk read timeout resolves to :infinity, allowing a slow-trickle client to keep the connection alive indefinitely while memory grows. A single connection is sufficient to exhaust server memory and crash the node.

This issue affects grpc from 0.3.1 before 1.0.0.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/48xxx/CVE-2026-48854.json",
    "unresolved_ranges": [
        {
            "source": "AFFECTED_FIELD",
            "extracted_events": [
                {
                    "introduced": "d1abe70a6cad6dac4a3f8235d883d7c896989560"
                },
                {
                    "fixed": "49e18c3ec6bb9afe2f712caad3dbab5c56a68a00"
                }
            ]
        }
    ],
    "cwe_ids": [
        "CWE-770"
    ],
    "cna_assigner": "EEF"
}

References

Affected packages

Git / github.com/elixir-grpc/grpc

Affected ranges

Type

GIT

Repo

https://github.com/elixir-grpc/grpc

Events

Introduced

387eb5df5413fe89d7b62246d6e5b094fd82e0f5

Fixed

8105f803030f7f5ae1d722251ee6ab2e36878830

Fixed

49e18c3ec6bb9afe2f712caad3dbab5c56a68a00

Database specific

{
    "source": [
        "DESCRIPTION",
        "REFERENCES"
    ],
    "extracted_events": [
        {
            "introduced": "0.3.1"
        },
        {
            "fixed": "1.0.0"
        }
    ]
}

Affected versions

v0.*

v0.11.2

v0.3.1

v0.4.0

v0.5.0

v0.5.0-beta

v0.5.0-beta.1

v0.6.0

v0.7.0

v0.8.0

v0.8.1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-48854.json"