Every CVE whose affected-product data names Benoitc Hackney, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2026-47077 — CVSS 7.5 (high): Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. hackney_h3:await_response_loop/6…
CVE-2026-47067 — CVSS 7.5 (high): Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. The URL parser in…
CVE-2026-47073 — CVSS 7.5 (high): Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. The WebSocket client in…
CVE-2026-47075 — CVSS 7.5 (high): Improper Neutralization of CRLF Sequences vulnerability in benoitc hackney allows HTTP Request Splitting. hackney does not percent-encode…
CVE-2026-47066 — CVSS 7.5 (high): Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in benoitc hackney allows Excessive Allocation. The Alt-Svc response…
CVE-2026-47071 — CVSS 7.5 (high): Uncontrolled Resource Consumption vulnerability in benoitc hackney allows Flooding. The SOCKS5 transport in src/hackney_socks5.erl…
CVE-2026-47076 — CVSS 6.5 (medium): Interpretation Conflict vulnerability in benoitc hackney allows Server Side Request Forgery. hackney_url:normalize/2 URL-decodes the host…
CVE-2026-47070 — CVSS 6.1 (medium): Sensitive Data Exposure vulnerability in benoitc hackney allows Retrieve Embedded Sensitive Data. The HTTP/3 redirect handler in…