CVE-2025-68272 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Signal K Server is a server application that runs on a central hub in a boat. A Denial of Service (DoS) vulnerability in versions prior to 2.19.0 allows an unau…
High CVSS: 7.5

CVE-2025-68272

Signal K Server is a server application that runs on a central hub in a boat. A Denial of Service (DoS) vulnerability in versions prior to 2.19.0 allows an unauthenticated attacker to crash the SignalK Server by flooding the access request endpoint (`/signalk/v1/access/requests`). This causes a "JavaScript heap out of memory" error due to unbounded in-memory storage of request objects. Version 2.19.0 fixes the issue.
Vendor
Signalk
Product
Signal K Server
CWE
CWE-400
Yayın Tarihi
2026-01-01 18:15:40
Güncelleme
2026-01-06 18:23:55
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-400 Signal K Server HIGH Signalk 2026

Referanslar

https://github.com/SignalK/signalk-server/releases/tag/v2.19.0 https://github.com/SignalK/signalk-server/security/advisories/GHSA-7rqc-ff8m-7j23