{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-40608", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-04-14T14:07:59.642Z", "datePublished": "2026-04-21T17:56:35.046Z", "dateUpdated": "2026-04-21T18:36:25.819Z"}, "containers": {"cna": {"title": "Next AI Draw.io: Unbounded HTTP Body \u2014 Denial of Service", "problemTypes": [{"descriptions": [{"cweId": "CWE-770", "lang": "en", "description": "CWE-770: Allocation of Resources Without Limits or Throttling", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/DayuanJiang/next-ai-draw-io/security/advisories/GHSA-9q7h-wgfw-p378", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/DayuanJiang/next-ai-draw-io/security/advisories/GHSA-9q7h-wgfw-p378"}, {"name": "https://github.com/DayuanJiang/next-ai-draw-io/commit/31819f413cc4b329a1cb81e5fccd0cd98c1fd665", "tags": ["x_refsource_MISC"], "url": "https://github.com/DayuanJiang/next-ai-draw-io/commit/31819f413cc4b329a1cb81e5fccd0cd98c1fd665"}], "affected": [{"vendor": "DayuanJiang", "product": "next-ai-draw-io", "versions": [{"version": "< 0.4.15", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-21T17:56:35.046Z"}, "descriptions": [{"lang": "en", "value": "Next AI Draw.io is a next.js web application that integrates AI capabilities with draw.io diagrams. Prior to 0.4.15, the embedded HTTP sidecar contains three POST handlers (/api/state, /api/restore, and /api/history-svg) that process incoming requests by accumulating the entire request body into a JavaScript string without any size limitations. Node.js buffers the entire payload in the V8 heap. Sending a sufficiently large body (e.g., 500 MiB or more) will exhaust the process heap memory, leading to an Out-of-Memory (OOM) error that crashes the MCP server. This vulnerability is fixed in 0.4.15."}], "source": {"advisory": "GHSA-9q7h-wgfw-p378", "discovery": "UNKNOWN"}}, "adp": [{"references": [{"url": "https://github.com/DayuanJiang/next-ai-draw-io/security/advisories/GHSA-9q7h-wgfw-p378", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-21T18:36:21.833743Z", "id": "CVE-2026-40608", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-21T18:36:25.819Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-40608", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-21T18:36:21.833743Z"}}}], "references": [{"url": "https://github.com/DayuanJiang/next-ai-draw-io/security/advisories/GHSA-9q7h-wgfw-p378", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-21T18:36:10.209Z"}}], "cna": {"title": "Next AI Draw.io: Unbounded HTTP Body \u2014 Denial of Service", "source": {"advisory": "GHSA-9q7h-wgfw-p378", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "DayuanJiang", "product": "next-ai-draw-io", "versions": [{"status": "affected", "version": "< 0.4.15"}]}], "references": [{"url": "https://github.com/DayuanJiang/next-ai-draw-io/security/advisories/GHSA-9q7h-wgfw-p378", "name": "https://github.com/DayuanJiang/next-ai-draw-io/security/advisories/GHSA-9q7h-wgfw-p378", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/DayuanJiang/next-ai-draw-io/commit/31819f413cc4b329a1cb81e5fccd0cd98c1fd665", "name": "https://github.com/DayuanJiang/next-ai-draw-io/commit/31819f413cc4b329a1cb81e5fccd0cd98c1fd665", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Next AI Draw.io is a next.js web application that integrates AI capabilities with draw.io diagrams. Prior to 0.4.15, the embedded HTTP sidecar contains three POST handlers (/api/state, /api/restore, and /api/history-svg) that process incoming requests by accumulating the entire request body into a JavaScript string without any size limitations. Node.js buffers the entire payload in the V8 heap. Sending a sufficiently large body (e.g., 500 MiB or more) will exhaust the process heap memory, leading to an Out-of-Memory (OOM) error that crashes the MCP server. This vulnerability is fixed in 0.4.15."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-770", "description": "CWE-770: Allocation of Resources Without Limits or Throttling"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-04-21T17:56:35.046Z"}}}, "cveMetadata": {"cveId": "CVE-2026-40608", "state": "PUBLISHED", "dateUpdated": "2026-04-21T18:36:25.819Z", "dateReserved": "2026-04-14T14:07:59.642Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-04-21T17:56:35.046Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Next AI Draw.io is a next.js web application that integrates AI capabilities with draw.io diagrams. Prior to 0.4.15, the embedded HTTP sidecar contains three POST handlers (/api/state, /api/restore, and /api/history-svg) that process incoming requests by accumulating the entire request body into a JavaScript string without any size limitations. Node.js buffers the entire payload in the V8 heap. Sending a sufficiently large body (e.g., 500 MiB or more) will exhaust the process heap memory, leading to an Out-of-Memory (OOM) error that crashes the MCP server. This vulnerability is fixed in 0.4.15."}], "id": "CVE-2026-40608", "lastModified": "2026-04-21T19:16:17.640", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-04-21T18:16:52.280", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/DayuanJiang/next-ai-draw-io/commit/31819f413cc4b329a1cb81e5fccd0cd98c1fd665"}, {"source": "security-advisories@github.com", "url": "https://github.com/DayuanJiang/next-ai-draw-io/security/advisories/GHSA-9q7h-wgfw-p378"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://github.com/DayuanJiang/next-ai-draw-io/security/advisories/GHSA-9q7h-wgfw-p378"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T05:37:46.821673+00:00", "value": {"mitigation_remediation": ["Upgrade Next\u202fAI\u202fDraw.io to version\u202f0.4.15 or newer, which limits request body size and protects against OOM.", "Configure the reverse\u2011proxy or application server to enforce a maximum request body size (for example, Nginx client_max_body_size or a similar directive) to prevent large payloads from reaching the application.", "Enable application\u2011level resource limits or container memory quotas to contain any accidental memory exhaustion and to ensure the service can be restarted quickly if an OOM occurs."], "summary": {"action": "Apply Patch", "impact": "Denial of Service (out\u2011of\u2011memory crash)"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the Next\u202fAI\u202fDraw.io web application version 0.4.14 and earlier, hosted by the vendor DayuanJiang. Attackers can target the web service at any exposed instance of the application, specifically the three POST endpoints mentioned above.", "description_and_impact": "The flaw allows an attacker to send arbitrarily large POST request bodies to the /api/state, /api/restore and /api/history-svg endpoints of Next\u202fAI\u202fDraw.io. The application concatenates the entire request payload into a JavaScript string without any size check, causing Node.js to allocate the full size in the V8 heap. A request of roughly 500\u202fMiB or more exhausts the process memory and triggers an Out\u2011of\u2011Memory error that crashes the service. This is a resource exhaustion vulnerability (CWE\u2011770).", "risk_and_exploitability": "The CVSS score of 6.2 denotes a moderate severity and the absence of an EPSS score indicates no publicly known exploitation frequency. The vulnerability is not listed in the CISA KEV catalog. The attack vector is remote, requiring only that an attacker can reach the HTTP endpoints; no authentication or local execution is needed. A successful exploitation results in a denial of service for all users of the affected instance and could potentially create a DoS cascade if multiple instances share resources."}}}}, "created": "2026-04-22T05:45:09.823251+00:00", "updated": "2026-04-22T05:45:09.823266+00:00", "vendors": []}