CVE-2025-61726
CVE Details
Visit the official vulnerability details page for CVE-2025-61726 to learn more.
Initial Publication
01/28/2026
Last Update
02/06/2026
Third Party Dependency
go
NIST CVE Summary
The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a large form containing many unique query parameters can cause excessive memory consumption.
CVE Severity
Our Official Summary
Investigation is ongoing to determine how this vulnerability affects our products.
Status
Analyzed
Affected Products & Versions
| Version | PaletteAI | PaletteAI VerteX |
|---|---|---|
| 0.7.1 | ⚠️ Impacted | ⚠️ Impacted |
| 0.6.6 | ⚠️ Impacted | ⚠️ Impacted |
| 0.5.11 | ⚠️ Impacted | ⚠️ Impacted |
Revision History
No revisions available.