Resource exhaustion in Leandrocp Mdex

CVE-2026-53426

Allocation of Resources Without Limits or Throttling vulnerability in leandrocp MDEx allows Excessive Allocation. MDEx.parse_document/2 accepts a {:json, json} source. In lib/mdex.ex, the private json_to_node/1 function passes the attacke…

Affected products

Leandrocp Mdex — versions 0.4.3, cbb59a3f792dbc343873adec3466f49c853dc309

Weakness classification (CWE)

CWE-770 — Allocation of Resources Without Limits or Throttling

References

6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related, vendor-advisory)
6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related)
6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related)
6b3ad84c-e1a6-4bf7-a703-f496b71e49db (patch)