CVE-2025-68272 – Signal K Server Vulnerable to Denial of Service via Unrestricted Access Request Flooding

CVE ID : CVE-2025-68272

Published : Jan. 1, 2026, 6:08 p.m. | 17 minutes ago

Description : Signal K Server is a server application that runs on a central hub in a boat. A Denial of Service (DoS) vulnerability in versions prior to 2.19.0 allows an unauthenticated attacker to crash the SignalK Server by flooding the access request endpoint (`/signalk/v1/access/requests`). This causes a “JavaScript heap out of memory” error due to unbounded in-memory storage of request objects. Version 2.19.0 fixes the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-15411 – WebAssembly wabt wasm-decompile InsertNode memory corruption

CVE-2025-69203 – Signal K Server Vulnerable to Access Request Spoofing

CVE-2025-68619 – Signal K Server Vulnerable to Remote Code Execution via Malicious npm Package

CVE-2025-68273 – Signal K Server Vulnerable to Unauthenticated Information Disclosure via Exposed Endpoints