CVE-2026-42039: CVE-2026-42039: Uncontrolled Recursion Denial of Service in Axios toFormData

1 / 2

CVE-2026-42039: CVE-2026-42039: Uncontrolled Recursion Denial of Service in Axios toFormData

DEV Community·CVE Reports·28 days ago

#uR5QnSdV

#commit #security #cve #cybersecurity #axios #denial

Reading 0:00

15s threshold

CVE-2026-42039: Uncontrolled Recursion Denial of Service in Axios toFormData Vulnerability ID: CVE-2026-42039 CVSS Score: 7.5 Published: 2026-05-05 CVE-2026-42039 is a high-severity Denial of Service (DoS) vulnerability in the Axios HTTP client library. The flaw exists in the toFormData utility due to uncontrolled recursion during object serialization, allowing attackers to crash Node.js processes via deeply nested objects. TL;DR Uncontrolled recursion in Axios toFormData allows attackers to cause a Denial of Service (DoS) by crashing the Node.js process with a stack overflow when parsing deeply nested JSON objects.…

Continue reading — create a free account

Join HashtagPLUS to read full articles, follow hashtags, vote, and join the conversation.

Create free account Log in

Menu

CVE-2026-42039: CVE-2026-42039: Uncontrolled Recursion Denial of Service in Axios toFormData