HIGH
smallnest
CVE published 2026-07-08
CVE-2026-59803
CVE-2026-59803 is a denial-of-service vulnerability in rpcx through 1.9.3. The issue is caused by a lack of size limitation during gzip decompression in the rpcx protocol. When a message has the compression flag set, the payload is gzip-decompressed via util.Unzip with no limit on the decompressed output size. This can lead to out-of-memory conditions and service unavailability.