Loading market data...
← Back to CVE feed

CVE-2026-46679

HIGH CVSS 7.5 View on NVD ↗

Description

libp2p is a JavaScript Implementation of libp2p networking stack. Prior to version 15.0.23, three cooperating omissions in @libp2p/gossipsub allow an unauthenticated single peer to exhaust the Node.js heap of any gossipsub node with default options. This issue has been patched in version 15.0.23.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Published: Jun 10, 2026 22:17 UTC Modified: Jun 11, 2026 16:16 UTC