HIGH
brantburnett
CVE published 2026-05-12
CVE-2026-44302
A denial-of-service vulnerability exists in Snappier, a high-performance C# implementation of the Snappy compression algorithm. Versions prior to 1.3.1 are affected by an uncatchable infinite loop that triggers when decompressing malformed framed-format Snappy streams. The vulnerability can be exploited with input as small as 15 bytes, making it trivial to trigger. The CVSS 3.1 score of 7.5 (HIGH) reflect [truncated]