VULNRABLE / Vulnerability / CVE-2026-48043
CVE-2026-48043
MEDIUM io.netty:netty-codec-http2 GHSA
CVSS Score
5.5
Severity
MEDIUM
EPSS
0%
Source
GHSA
Summary
netty-codec-http2: ByteBuf Reference-Count Leak in DelegatingDecompressorFrameListener Leads to Memory Exhaustion
What this means
CVE-2026-48043 is a medium-severity vulnerability affecting io.netty:netty-codec-http2, rated CVSS 5.5. The EPSS model estimates a 0% probability of exploitation in the next 30 days. Published June 11, 2026.
View full advisory at GHSA →