Undici has Unbounded Memory Consumption in its DeduplicationHandler via Response Buffering that leads to DoS

Description

Impact

This is an uncontrolled resource consumption vulnerability (CWE-400) that can lead to Denial of Service (DoS).

In vulnerable Undici versions, when interceptors.deduplicate() is enabled, response data for deduplicated requests could be accumulated in memory for downstream handlers. An attacker-controlled or untrusted upstream endpoint can exploit this with large/chunked responses and concurrent identical requests, causing high memory usage and potential OOM process termination.

Impacted users are applications that use Undici’s deduplication interceptor against endpoints that may produce large or long-lived response bodies.

Patches

The issue has been patched by changing deduplication behavior to stream response chunks to downstream handlers as they arrive (instead of full-body accumulation), and by preventing late deduplication when body streaming has already started.

Users should upgrade to the first official Undici release that includes this patch (undici 7.24.0 on npm, per the affected-packages table below) and, where applicable, to the Node.js releases that bundle it.

Workarounds

If upgrading immediately is not possible:

  • Disable interceptors.deduplicate() for affected clients/routes.
  • Use skipHeaderNames with a marker header to force high-risk requests to bypass deduplication.
  • Avoid concurrent identical requests to untrusted endpoints that may return very large/chunked bodies.
  • Apply upstream/proxy response-size and timeout limits.
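The following is an added model, not undici's implementation, of the two DeduplicationHandler designs the Impact and Patches sections describe, plus the marker-header bypass from the workarounds. The handler shape (dispatch/onData/onComplete), the dedup-key rule (method + URL + headers), the semantics assumed for skipHeaderNames (a request carrying any listed header never joins the pool), the header name `x-no-dedupe` and the upstream URL are all assumptions of this illustration. It measures the peak number of body bytes resident for one deduplicated group: the vulnerable design holds the entire body until completion and still admits latecomers, while the patched design holds one chunk at a time and refuses a join once streaming has begun.

```javascript
// Added model of the two DeduplicationHandler designs described above.
// Constructed illustration, not undici's implementation: the handler shape
// (dispatch/onData/onComplete), the dedup-key rule and the skipHeaderNames
// semantics are assumptions that follow the advisory's wording.

// Requests with the same method, URL and headers share one in-flight upstream
// response. A request carrying any header listed in skipHeaderNames returns
// null, meaning "never join the pool" (the marker-header workaround).
function dedupKey(req, skipHeaderNames = []) {
  const skip = new Set(skipHeaderNames.map((h) => h.toLowerCase()));
  const headers = Object.entries(req.headers ?? {})
    .map(([k, v]) => [k.toLowerCase(), String(v)]);
  if (headers.some(([k]) => skip.has(k))) return null;
  headers.sort(([a], [b]) => (a < b ? -1 : a > b ? 1 : 0));
  return `${req.method} ${req.url} ${JSON.stringify(headers)}`;
}

// mode is 'buffering' (vulnerable) or 'streaming' (patched).
function createPool(mode, skipHeaderNames = []) {
  return { mode, skipHeaderNames, inflight: new Map(), peakHeld: 0 };
}

// Role of an arriving request: 'direct' (bypasses dedup), 'leader' (first for
// its key, owns the upstream request) or 'follower' (joined a leader).
function dispatch(pool, req) {
  const key = dedupKey(req, pool.skipHeaderNames);
  if (key === null) return { role: 'direct' };
  let entry = pool.inflight.get(key);
  if (!entry) {
    entry = { key, followers: [], buffered: [], held: 0, streamingStarted: false };
    pool.inflight.set(key, entry);
    return { role: 'leader', entry };
  }
  // Patched behaviour: once body chunks have been forwarded, a newcomer cannot
  // be joined (the chunks it missed are gone), so it is dispatched on its own.
  if (pool.mode === 'streaming' && entry.streamingStarted) return { role: 'direct' };
  const follower = { received: 0 };
  entry.followers.push(follower);
  return { role: 'follower', follower };
}

function onData(pool, entry, chunk) {
  entry.streamingStarted = true;
  if (pool.mode === 'buffering') {
    // Vulnerable: accumulate the whole body; resident size grows with the body.
    entry.buffered.push(chunk);
    entry.held += chunk.length;
  } else {
    // Patched: forward the chunk now and drop it; only this chunk is resident.
    entry.held = chunk.length;
    for (const f of entry.followers) f.received += chunk.length;
  }
  pool.peakHeld = Math.max(pool.peakHeld, entry.held);
}

function onComplete(pool, entry) {
  if (pool.mode === 'buffering') {
    // Replay the accumulated body to every follower only now.
    for (const f of entry.followers) f.received += entry.held;
  }
  pool.inflight.delete(entry.key);
}

const CHUNK = 'x'.repeat(1024); // constructed 1 KiB chunk of upstream body

// One leader, `followers` identical requests arriving before any data,
// `chunks` chunks from upstream, then one more identical request mid-body.
function scenario(mode, { chunks = 64, followers = 3, skipHeaderNames = [], marker = false } = {}) {
  const pool = createPool(mode, skipHeaderNames);
  const req = {
    method: 'GET',
    url: 'https://upstream.example/large-report', // constructed URL
    headers: { accept: 'application/json', ...(marker ? { 'x-no-dedupe': '1' } : {}) },
  };
  const leader = dispatch(pool, req);
  if (leader.role === 'direct') return { leaderRole: 'direct' };
  const joined = Array.from({ length: followers }, () => dispatch(pool, req));
  for (let i = 0; i < chunks; i++) onData(pool, leader.entry, CHUNK);
  const late = dispatch(pool, req);
  onComplete(pool, leader.entry);
  return {
    leaderRole: leader.role,
    peakHeld: pool.peakHeld,
    followerBytes: joined.map((j) => j.follower.received),
    lateRole: late.role,
    lateBytes: late.role === 'follower' ? late.follower.received : 0,
  };
}

console.log('vulnerable:', scenario('buffering'));
console.log('patched:   ', scenario('streaming'));
console.log('bypassed:  ', scenario('streaming', { skipHeaderNames: ['x-no-dedupe'], marker: true }));
```

With 64 chunks of 1 KiB, the buffering pool peaks at 65536 resident bytes and hands the full body to the latecomer too, whereas the streaming pool never holds more than 1024 bytes and dispatches the latecomer directly; a request carrying the marker header is dispatched directly in either mode. The peak scales with body size in the vulnerable design regardless of how many followers there are, which is why a single large or chunked upstream response is enough to exhaust memory.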

Basic information

Type: reviewed
Severity: medium
Published (advisory): 2026-03-13 20:37:58 UTC
Updated: 2026-03-13 20:37:58 UTC
GitHub reviewed: 2026-03-13 20:37:58 UTC
NVD published: 2026-03-12 21:16:25 UTC

EPSS Score

Score: 0.02% (percentile: 5.04%)

CVSS Scores

Base score: 5.9
Version: 3.1
Severity: medium
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack vector (AV:N)
Could be attacked over the internet or any normal routed network—not just someone sitting at the machine.
Attack complexity (AC:H)
Even with access, the exploit needs extra luck, timing, or a fussy environment to actually work.
Privileges required (PR:N)
No account or special rights needed—anonymous or random user is enough.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:N)
Doesn’t really leak secrets in a meaningful way.
Integrity (I:N)
Data isn’t meaningfully altered or forged.
Availability (A:H)
Could take the service down hard or make it unusable for people who depend on it.

Identifiers

CWEs

CWE-770: Allocation of Resources Without Limits or Throttling

Credits

  • jackhax (reporter)
  • mcollina (remediation developer)
  • UlisesGascon (remediation reviewer)

Affected packages (1)

Vulnerable version ranges and first patched releases as published by GitHub.

Ecosystem: npm
Package: undici
Vulnerable range: >= 7.17.0, < 7.24.0
First patched: 7.24.0
Vulnerable functions: (none listed)
