CVE-2026-15308
Description
The incremental HTML parser (html.parser.HTMLParser) allows for CPU denial-of-service through repeated unterminated markup declarations when processing uncontrolled data.
Is your site exposed to CVE-2026-15308?
Run a free security scan — no signup, results in seconds.
Weakness Type (CWE)
References
Other References
Frequently Asked Questions
What is CVE-2026-15308? +
How do I check if I'm vulnerable to CVE-2026-15308? +
Related Vulnerabilities
Immutable.js provides many Persistent Immutable data structures. Prior to 4.3.9 and 5.1.8, List#set, List#setSize, List#setIn, List#updateIn, and the functional set, …
FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates …
FastGPT is an AI Agent building platform. In versions 4.14.13 and prior, the code-sandbox component suffers from insufficient resource isolation …
Uncontrolled resource consumption vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. The devices improperly handle TLS requests associated with PROCOME sockets, …
Uncontrolled resource consumption vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. The device is vulnerable to a packet flooding denial of …
An uncontrolled resource consumption of file descriptors in SEH Computertechnik utnserver Pro, SEH Computertechnik utnserver ProMAX, SEH Computertechnik INU-100 allows …