


Perceptive Security
SOC/SIEM Consultancy

Open Source Social Network (OSSN) is open-source social networking software developed in PHP. Versions prior to 9.0 are vulnerable to resource exhaustion. An at…
Published:
23 April 2026 at 22:00:00
Alert date:
24 April 2026 at 15:07:56
Source:
nvd.nist.gov
Web Technologies
Open Source Social Network (OSSN) versions prior to 9.0 are vulnerable to resource exhaustion attacks. Attackers can upload specially crafted images with extreme pixel dimensions (10000x10000 pixels) that consume significant memory and CPU during decompression and resizing, leading to Denial of Service conditions. The compressed file may be small on disk, yet processing it exhausts server resources. OSSN 9.0 introduces stricter image dimension validation and improved resource management. Immediate mitigation includes adjusting PHP memory limits and implementing pixel dimension checks before processing.
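A pixel dimension check of the kind described above, as an added PHP example (not OSSN's code and not the 9.0 fix). The limit constants and both function names are assumptions chosen for illustration; the sample PNG header is constructed inline.

```php
<?php
// Added example, not OSSN code. Limits below are assumed values; tune per deployment.
const MAX_WIDTH  = 5000;
const MAX_HEIGHT = 5000;
const MAX_PIXELS = 16000000; // cap on width * height

// Returns null when the image may be processed, otherwise the reason for rejection.
// getimagesize() parses only the file header, so pixel data is not decompressed here.
function check_image_dimensions(string $path): ?string
{
    $info = @getimagesize($path);
    if ($info === false) {
        return 'not a recognised image';
    }
    [$width, $height, $type] = $info;
    $allowed = [IMAGETYPE_JPEG, IMAGETYPE_PNG, IMAGETYPE_GIF];
    if (!in_array($type, $allowed, true)) {
        return 'unsupported image type';
    }
    if ($width < 1 || $height < 1) {
        return 'invalid dimensions';
    }
    if ($width > MAX_WIDTH || $height > MAX_HEIGHT || $width * $height > MAX_PIXELS) {
        return "rejected {$width}x{$height}: exceeds dimension limits";
    }
    return null;
}

// Constructed sample input: PNG signature plus an IHDR chunk declaring the given size.
// There is no pixel data; the header alone is what the check reads.
function sample_png_header(int $width, int $height): string
{
    $ihdr = 'IHDR' . pack('NNCCCCC', $width, $height, 8, 2, 0, 0, 0);
    $path = tempnam(sys_get_temp_dir(), 'img');
    file_put_contents($path, "\x89PNG\r\n\x1a\n" . pack('N', 13) . $ihdr . pack('N', crc32($ihdr)));
    return $path;
}

foreach ([[800, 600], [10000, 10000]] as [$w, $h]) {
    $path = sample_png_header($w, $h);
    $reason = check_image_dimensions($path);
    echo "{$w}x{$h}: ", $reason ?? 'accepted', PHP_EOL;
    unlink($path);
}
```

In an upload handler the check would run on the temporary upload path before any decode or resize call, so an oversized image is refused while it is still a small compressed file.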
Technical details
Affected products:
Open Source Social Network (OSSN)
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-41309
https://github.com/opensource-socialnetwork/opensource-socialnetwork/commit/12357113b3be189da7f6e429979a464e4f982117
https://github.com/opensource-socialnetwork/opensource-socialnetwork/issues/2535
https://github.com/opensource-socialnetwork/opensource-socialnetwork/security/advisories/GHSA-72qf-xrcw-fhr2
This article was created with the assistance of AI technology by Perceptive.
