CVE-2026-28412 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Textream is a free macOS teleprompter app. Prior to version 1.5.1, the `DirectorServer` WebSocket server imposes no limit on concurrent connections. Combined wi…
Medium CVSS: 6.5

CVE-2026-28412

Textream is a free macOS teleprompter app. Prior to version 1.5.1, the `DirectorServer` WebSocket server imposes no limit on concurrent connections. Combined with a broadcast timer that sends state to all connected clients every 100 ms, an attacker can exhaust CPU and memory by flooding the server with connections, causing the Textream application to freeze and crash during a live session. Version 1.5.1 fixes the issue.
Vendor
Fka
Product
Textream
CWE
CWE-400
Yayın Tarihi
2026-03-02 16:16:25
Güncelleme
2026-03-10 18:23:12
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-400 Textream MEDIUM Fka 2026

Referanslar

https://github.com/f/textream/commit/3524fa96f98ba17025b48ce9e19d49d859fc2ec1 https://github.com/f/textream/security/advisories/GHSA-qr5p-7x47-qxh9