Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2026-34824
Analyzed
More InfoOfficial Page
Source-security-advisories@github.com
View Known Exploited Vulnerability (KEV) details
Published At-03 Apr, 2026 | 23:17
Updated At-13 Apr, 2026 | 17:28

Mesop is a Python-based UI framework that allows users to build web applications. From version 1.2.3 to before version 1.2.5, an uncontrolled resource consumption vulnerability exists in the WebSocket implementation of the Mesop framework. An unauthenticated attacker can send a rapid succession of WebSocket messages, forcing the server to spawn an unbounded number of operating system threads. This leads to thread exhaustion and Out of Memory (OOM) errors, causing a complete Denial of Service (DoS) for any application built on the framework. This issue has been patched in version 1.2.5.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
mesop-dev
mesop-dev
>>mesop>>Versions from 1.2.3(inclusive) to 1.2.5(exclusive)
cpe:2.3:a:mesop-dev:mesop:*:*:*:*:*:python:*:*
Weaknesses
CWE IDTypeSource
CWE-125Secondarysecurity-advisories@github.com
CWE-770Primarynvd@nist.gov
CWE ID: CWE-125
Type: Secondary
Source: security-advisories@github.com
CWE ID: CWE-770
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/mesop-dev/mesop/commit/760a2079b5c609038c826d24dfbcf9b0be98d987security-advisories@github.com
Patch
https://github.com/mesop-dev/mesop/releases/tag/v1.2.5security-advisories@github.com
Product
Release Notes
https://github.com/mesop-dev/mesop/security/advisories/GHSA-3jr7-6hqp-x679security-advisories@github.com
Exploit
Mitigation
Vendor Advisory
https://github.com/mesop-dev/mesop/security/advisories/GHSA-3jr7-6hqp-x679134c704f-9b21-4f2e-91b3-4a467353bcc0
Exploit
Mitigation
Vendor Advisory
Hyperlink: https://github.com/mesop-dev/mesop/commit/760a2079b5c609038c826d24dfbcf9b0be98d987
Source: security-advisories@github.com
Resource:
Patch
Hyperlink: https://github.com/mesop-dev/mesop/releases/tag/v1.2.5
Source: security-advisories@github.com
Resource:
Product
Release Notes
Hyperlink: https://github.com/mesop-dev/mesop/security/advisories/GHSA-3jr7-6hqp-x679
Source: security-advisories@github.com
Resource:
Exploit
Mitigation
Vendor Advisory
Hyperlink: https://github.com/mesop-dev/mesop/security/advisories/GHSA-3jr7-6hqp-x679
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource:
Exploit
Mitigation
Vendor Advisory
Change History
0Changes found
Details not found