What is CVE-2026-44488?

CVE-2026-44488 is a high-severity vulnerability, classified under Allocation of Resources Without Limits or Throttling. CVSS score: 7.5/10. Published 2026-06-11.

How severe is CVE-2026-44488?

High severity. CVSS v3 base score is 7.5 out of 10.

CVE-2026-44488

CVE-2026-44488

Axios is a promise based HTTP client for the browser and Node.js. Axios versions 1.7.0 through 1.15.x did not enforce configured request and response size limits when requests were sent with the fetch adapter. Applications that selected ad…

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Weakness classification (CWE)

CWE-770 — Allocation of Resources Without Limits or Throttling

References

security-advisories@github.com

Frequently asked questions

What is CVE-2026-44488?: CVE-2026-44488 is a high-severity vulnerability, classified under Allocation of Resources Without Limits or Throttling. CVSS score: 7.5/10. Published 2026-06-11.
How severe is CVE-2026-44488?: High severity. CVSS v3 base score is 7.5 out of 10.