Home / Vulnerability Intelligence / CVE-2026-33241

CVE-2026-33241 - Vulnerability Analysis

HighCVSS: 7.5

Last Updated: March 24, 2026

Salvo - Denial of Service

Published: March 24, 2026Updated: March 24, 2026PoC AvailableRemote Exploitable

Overview

Salvo Rust web framework < 0.89.3 contains an out-of-memory vulnerability caused by lack of payload size enforcement in form data parsing, letting attackers cause denial of service by sending large payloads, exploit requires crafted large request payload.

Severity & Score

Severity: High

CVSS Score: 7.5

Impact

Attackers can cause service crashes and denial of service by sending extremely large payloads.

Mitigation

Upgrade to version 0.89.3 or later.

References

https://github.com/salvo-rs/salvo/releases/tag/v0.89.3
https://github.com/salvo-rs/salvo/security/advisories/GHSA-pp9r-xg4c-8j4x

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-33241
Severity: High
CVSS Score: 7.5
Type: denial_of_service
Status: confirmed

CWE

CWE-770

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H