CVE-2026-1526 — The undici WebSocket client is vulnerable to a denial-of-service attack via unbounded memory consumption during permessage-deflate decompression. When a WebSocket connection negotiates the permessage- — CVE Database · The Intelligence Room