Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

CVE-2026-47067— Atom table exhaustion via unrecognized URL schemes in hackney

AI Predicted 8.6 Difficulty: Easy EPSS 0.04% · P13

Possible ATT&CK Techniques 1AI

T1496 · Resource Hijacking

Affected Version Matrix 2

VendorProductVersion RangeStatus
benoitchackney2.0.0< 4.0.1affected
d9713695c0d99855d12c73fd8a0b4be0543950c4< 31f6f0e27e096ad88743dfded4f030a3ee74972eaffected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-47067

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Atom table exhaustion via unrecognized URL schemes in hackney
Source: NVD (National Vulnerability Database)
Vulnerability Description
Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. The URL parser in src/hackney_url.erl converts every unrecognized URL scheme to a permanent BEAM atom via binary_to_atom/2. BEAM atoms are never garbage-collected and the atom table defaults to a hard limit of 1,048,576 entries. An attacker who can supply URLs with attacker-chosen scheme prefixes — directly as request targets, as configured webhook URLs, or via Location headers followed during redirects — can exhaust the atom table and crash the entire BEAM VM with system_limit. This issue affects hackney: from 2.0.0 before 4.0.1.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
不加限制或调节的资源分配
Source: NVD (National Vulnerability Database)
Vulnerability Title
Hackney 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Hackney是Hackney公司的一个程序库。 Hackney 2.0.0至4.0.1之前版本存在安全漏洞,该漏洞源于URL解析器将未识别的URL方案转换为永久BEAM原子,可能导致原子表耗尽和BEAM VM崩溃。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
benoitchackney 2.0.0 ~ 4.0.1 cpe:2.3:a:benoitc:hackney:*:*:*:*:*:*:*:*
benoitchackney d9713695c0d99855d12c73fd8a0b4be0543950c4 ~ 31f6f0e27e096ad88743dfded4f030a3ee74972e cpe:2.3:a:benoitc:hackney:*:*:*:*:*:*:*:*

II. Public POCs for CVE-2026-47067

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-47067

登录查看更多情报信息。

Patches & Fixes for CVE-2026-47067 (1)

Vendor Advisories for CVE-2026-47067 (3)

Same Patch Batch · benoitc · 2026-05-25 · 10 CVEs total

CVE-2026-47070HTTP/3 redirect handler leaks Authorization and Cookie headers to cross-origin redirect ta
CVE-2026-47069CRLF injection in cookie domain/path options in hackney
CVE-2026-47076SSRF allowlist bypass via percent-encoded host in hackney
CVE-2026-47073Unbounded memory consumption in WebSocket client in hackney
CVE-2026-47075CR/LF injection in query parameter in hackney
CVE-2026-47072CRLF injection in WebSocket upgrade request in hackney
CVE-2026-47077Unbounded body accumulation in HTTP/3 response loop in hackney
CVE-2026-47071SOCKS5 TLS upgrade ignores caller timeout in hackney
CVE-2026-47066Infinite loop in Alt-Svc header parser in hackney

IV. Related Vulnerabilities

Same product: hackney
Same vendor: benoitc
Same weakness: CWE-770

V. Comments for CVE-2026-47067

No comments yet

Leave a comment