By vendor

Kjd vulnerabilities

Known CVEs affecting Kjd products, prioritized by severity, with SEC.co remediation and detection guidance.

1 published vulnerability

  • CVE-2026-45409MEDIUM 5.3

    The Python IDNA library, which handles internationalized domain names, has a resource-exhaustion vulnerability that allows attackers to cause denial-of-service by sending specially crafted, extremely long domain names to the idna.encode() function. The vulnerability stems from the library processing certain Unicode patterns through validation logic before rejecting them as too long—a process that can consume significant CPU and memory for large inputs. This is a regression: the same issue was supposedly patched in 2024 (CVE-2024-3651), but the fix was incomplete and only addressed some code paths. Version 3.15 extends the complete fix to all relevant functions. Under normal circumstances, domain names are limited to 253 characters, so legitimate applications are unaffected. The risk exists primarily when applications pass unvalidated, arbitrarily large input directly to the library.