Threats Tagged 'cve-2026-31808'
View all threats tagged with 'cve-2026-31808'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-31808'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-31808: CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') in sindresorhus file-typeCVE-2026-31808 0 file-type detects the file type of a file, stream, or data. Prior to 21.3.1, a denial of service vulnerability exists in the ASF (WMV/WMA) file type detection parser. When parsing a crafted input where an ASF sub-header has a size field of zero, the parser enters an infinite loop. The payload value becomes negative (-24), causing tokenizer.ignore(payload) to move the read position backwards, so the same sub-header is read repeatedly forever. Any application that uses file-type to detect the type of untrusted/attacker-controlled input is affected. An attacker can stall the Node.js event loop with a 55-byte payload. Fixed in version 21.3.1. Join the discussion | CVE Database V5 | 03/10/2026, 21:01:55 UTC Added: 03/10/2026, 21:14:50 UTC |
Showing 1 to 1 of 1 result