Payload is the open-source, fullstack Next.js framework, giving you instant backend superpowers. Get a full TypeScript backend and admin panel instantly. Use Payload as a headless CMS or for building powerful applications.
fix(deps): bump undici to 7.18.2 to mitigate chained decompression (#15221)
Addresses a vulnerability in undici fetch decompression handling where unbounded Content-Encoding chains could cause excessive CPU and memory usage. CVE-2026-22036
V
Vincent Vu committed
591f9d22c52d86b30729d48e20a0604b16c2fca8
Parent: 49c9fa9
Committed by GitHub <noreply@github.com>
on 1/16/2026, 6:46:14 PM