Byte Open Security (ByteOS Network)
CVE Vulnerability Details: CVE-2026-8468
Status: PUBLISHED
Assigner: EEF
Assigner Org ID: 6b3ad84c-e1a6-4bf7-a703-f496b71e49db
Published At: 14 May, 2026 | 10:29
Updated At: 15 May, 2026 | 04:33
Rejected At: (none)

CVE Numbering Authority (CNA)
Unbounded buffer accumulation in multipart header parsing causes denial of service in plug

Allocation of Resources Without Limits or Throttling vulnerability in plug_project plug allows denial of service via unbounded buffer accumulation in multipart header parsing. 'Elixir.Plug.Conn':read_part_headers/2 in lib/plug/conn.ex does not obey its :length parameter. There is no upper bound on the size of the accumulated buffer. By contrast, the sibling function read_part_body has an explicit byte_size(acc) > length guard that stops accumulation once a limit is reached. No such guard exists in read_part_headers. An unauthenticated remote attacker can exhaust server memory by sending a crafted multipart/form-data request, causing a denial of service. This issue affects plug from 1.4.0 before 1.15.4, 1.16.3, 1.17.1, 1.18.2, and 1.19.2.

Affected Products
Vendor
elixir-plug
Product
plug
Collection URL
https://repo.hex.pm
Package Name
plug
Repo
https://github.com/elixir-plug/plug
CPEs
  • cpe:2.3:a:plug_project:plug:*:*:*:*:*:*:*:*
Modules
  • Elixir.Plug.Conn
Program Files
  • lib/plug/conn.ex
Program Routines
  • 'Elixir.Plug.Conn':read_part_headers/2
Default Status
unaffected
Versions
Affected
  • From 1.4.0 before 1.15.4 (semver)
  • From 1.16.0 before 1.16.3 (semver)
  • From 1.17.0 before 1.17.1 (semver)
  • From 1.18.0 before 1.18.2 (semver)
  • From 1.19.0 before 1.19.2 (semver)
Vendor
elixir-plug
Product
plug
Collection URL
https://github.com
Package Name
elixir-plug/plug
Repo
https://github.com/elixir-plug/plug
CPEs
  • cpe:2.3:a:plug_project:plug:*:*:*:*:*:*:*:*
Modules
  • Elixir.Plug.Conn
Program Files
  • lib/plug/conn.ex
Program Routines
  • 'Elixir.Plug.Conn':read_part_headers/2
Default Status
unaffected
Versions
Affected
  • From c52b2f32c90bccd718202bafccb5f95594e30183 before * (git)
    • unaffected from 2cb7958d33030aa826b0c7404375844d4593d43a
    • unaffected from aa69c5ece99c40ded88b8c6581ecc86664b0b734
    • unaffected from d5dfffe25e975585227b1b85d247b0d14164bc45
    • unaffected from df812a1527bae9e941965e897308a2b8bbf83a94
    • unaffected from 33858427c7f2737d560a2e40a0c9a9270d77d1d7
Problem Types
Type: CWE
CWE ID: CWE-770
Description: CWE-770 Allocation of Resources Without Limits or Throttling
Metrics
Version: 4.0
Base score: 8.2
Base severity: HIGH
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Impacts
CAPEC ID: CAPEC-130
Description: CAPEC-130 Excessive Allocation
Configurations

The application must use Plug.Parsers with the :multipart parser, or otherwise call Plug.Conn.read_part_headers/2 to process multipart/form-data request bodies. Deployments that do not handle multipart uploads are not affected.

Credits
Finder: José Valim
Remediation developer: José Valim
Analyst: Jonatan Männchen
References
  • https://github.com/elixir-plug/plug/security/advisories/GHSA-468c-vq7p-gh64 (vendor-advisory, related)
  • https://cna.erlef.org/cves/CVE-2026-8468.html (related)
  • https://osv.dev/vulnerability/EEF-CVE-2026-8468 (related)
  • https://cna.erlef.org/cves/CVE-2026-8466.html (related)
  • https://github.com/elixir-plug/plug/commit/2cb7958d33030aa826b0c7404375844d4593d43a (patch)
  • https://github.com/elixir-plug/plug/commit/aa69c5ece99c40ded88b8c6581ecc86664b0b734 (patch)
  • https://github.com/elixir-plug/plug/commit/d5dfffe25e975585227b1b85d247b0d14164bc45 (patch)
  • https://github.com/elixir-plug/plug/commit/df812a1527bae9e941965e897308a2b8bbf83a94 (patch)
  • https://github.com/elixir-plug/plug/commit/33858427c7f2737d560a2e40a0c9a9270d77d1d7 (patch)
Authorized Data Publishers (ADP)
CISA ADP Vulnrichment: Details not found