CVE-2025-70886 PUBLISHED

Assigner: mitre
Reserved: 09.01.2026 Published: 12.02.2026 Updated: 12.02.2026

An issue in halo v.2.22.4 and before allows a remote attacker to cause a denial of service via a crafted payload to the public comment submission endpoint

Product Status

Vendor	n/a
Product	n/a
Versions	Version n/a is affected

References

https://github.com/halo-dev/halo/issues/7890
https://howiehz.top/archives/halo-comment-payload-tweaker
https://github.com/HowieHz/CVE-2025-70886

Problem Types

n/a text