CVE-2026-54280

ADVISORY - github

Summary

Payload resources are not closed correctly when a client disconnects in the middle of a write.

Impact

If a payload is using an open file or similar limited resource, then an attacker may be able to cause resource starvation temporarily until garbage collection or similar closes the file.

Patch: https://github.com/aio-libs/aiohttp/commit/a762eda5242f6490d6ba667533193f8b473ad587

EPSS Score⁠: 0.00024 (0.072)

Common Weakness Enumeration (CWE)

ADVISORY - github

CWE-404⁠

Improper Resource Shutdown or Release

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.