[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"public-cve-CVE-2026-44890":3,"news-by-cve-CVE-2026-44890-10":58},{"source_identifier":4,"remediation_summary":5,"cvss_severity":7,"in_kev":6,"has_solution":6,"affected_product_count":8,"references_preview":9,"kev_ransomware_use":6,"attack_technique_count":8,"attack_tactics":17,"has_attack_graph":19,"id":20,"title":21,"nvd_cvss_score":22,"has_exploit":6,"affected_products_preview":23,"state":29,"cvss_score":22,"nvd_cvss_severity":7,"has_workaround":6,"reference_count":30,"description":31,"sources":32,"has_ai_summary":6,"sectors":34,"vendor_context":35,"tags":41,"attack_techniques":42,"has_nuclei_templates":6,"weaknesses":49,"date_updated":53,"assigner_short_name":52,"cvss_version":54,"nvd_cvss_vector":55,"cvss_source":12,"nuclei_template_count":56,"date_published":57,"assigner_org":52,"cvss_vector":55,"exploit_count":56},"a0819718-46f1-4df5-94e2-005712e83aaa",{"has_patch":6,"has_workaround":6},false,"HIGH",1,[10,13,15],{"url":11,"source":12},"https://github.com/netty/netty/releases/tag/netty-4.1.135.Final","nvd",{"url":14,"source":12},"https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",{"url":16,"source":12},"https://github.com/netty/netty/security/advisories/GHSA-6ghj-frrj-jjj3",[18],"Impact",true,"CVE-2026-44890","Netty has Unbounded Direct Memory Consumption in its RedisDecoder",7.5,[24],{"deployment":25,"vendor":26,"product":26,"sector":27,"subsector":28},"library","netty","oss-libraries","generic-library","PUBLISHED",3,"Netty is a network application framework for development of protocol servers and clients. In netty-codec-redis prior to versions 4.1.135.Final and 4.2.15.Final, an attacker can cause DoS by sending crafted Redis payloads across multiple connections without `\\r\\n`. This exhausts the server's direct memory pool (OutOfDirectMemoryError), preventing legitimate connections from being processed. Versions 4.1.135.Final and 4.2.15.Final patch the issue.",[33,12],"cvelist",[27],[36],{"vendor_type":37,"aliases":38,"sector":27,"subsector":28,"vendor":26},"oss-project",[39,40],"io.netty:netty","netty-incubator-codec-ohttp",[],[43],{"technique_id":44,"technique_name":45,"tactic":46,"tactic_name":18,"url":47,"confidence":48},"T1499","Endpoint Denial of Service","impact","https://attack.mitre.org/techniques/T1499/","high",[50],{"cwe_id":51,"name":52},"CWE-400","","2026-06-11T22:16:56Z","3.1","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",0,"2026-06-11T20:52:50Z",{"cve_id":20,"items":59,"total":56},[]]