216.73.217.98

CVE-2026-23842

· Published 19/01/2026 19:16 · Modified 19/01/2026 19:16

Labels: CVE-2026-23842 2026-01-19CVE-2026-23842CWE-400[email protected]

Essential information

Published
19/01/2026 19:16
Modified
19/01/2026 19:16
Author
Creator
CVSS
7.5 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS metrics

Description

ChatterBot is a machine learning, conversational dialog engine for creating chat bots. ChatterBot versions up to 1.2.10 are vulnerable to a denial-of-service condition caused by improper database session and connection pool management. Concurrent invocations of the get_response() method can exhaust the underlying SQLAlchemy connection pool, resulting in persistent service unavailability and requiring a manual restart to recover. Version 1.2.11 fixes the issue.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
chatterbot / chatterbot cpe:2.3:a:chatterbot:chatterbot:*:*:*:*:*:*:*:*

References